admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-24T18:00:18.596058+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-24 18:03:14 +00:00
parent 3afe87de53
commit fff4209c11
108 changed files with 11148 additions and 1775 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
CVE-2006/CVE-2006-15xx/CVE-2006-1547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2006-1547",
"sourceIdentifier": "secalert@redhat.com",
"published": "2006-03-30T22:02:00.000",
"lastModified": "2017-07-20T01:30:41.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:47:20.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-21",
"cisaActionDue": "2022-07-21",
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -49,7 +71,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "NVD-CWE-noinfo"
}
]
}
@ -63,14 +85,14 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.8",
"matchCriteriaId": "4839E719-F3DA-4768-BB37-B575207BEC22"
"criteria": "cpe:2.3:a:apache:commons_beanutils:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7987ADF-7D37-4D26-BA04-B4279082F327"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC81E1A-2779-4FAF-866C-970752CD1828"
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.9",
"matchCriteriaId": "B108ED90-C4AA-496F-B3C7-4AA392564C1F"
}
]
}
@ -80,28 +102,47 @@
"references": [
{
"url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=38534",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Issue Tracking"
]
},
{
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/19493",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/20117",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://securitytracker.com/id?1015856",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Vendor Advisory"
@ -109,15 +150,27 @@
},
{
"url": "http://www.securityfocus.com/bid/17342",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1205",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25613",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

94
CVE-2010/CVE-2010-18xx/CVE-2010-1871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-1871",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-08-05T13:23:09.477",
"lastModified": "2017-11-10T02:29:00.323",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:52:37.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2022-06-10",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -53,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-917"
}
]
}
@ -90,43 +112,95 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A"
}
]
}
]
}
],
"references": [
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/41994",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1024253",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1929",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20161017-0001/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

2
CVE-2010/CVE-2010-51xx/CVE-2010-5172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2010-5172",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-08-25T21:55:03.400",
"lastModified": "2024-05-17T00:48:28.537",
"lastModified": "2024-07-24T16:15:04.677",
"vulnStatus": "Modified",
"cveTags": [
{

187
CVE-2012/CVE-2012-01xx/CVE-2012-0158.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-0158",
"sourceIdentifier": "secure@microsoft.com",
"published": "2012-04-10T21:55:01.687",
"lastModified": "2018-10-12T22:02:11.400",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:07:11.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -82,13 +104,13 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:*:x86:*:*:*:*:*",
"matchCriteriaId": "A0CF7572-79BA-4576-ADED-528D17809071"
"criteria": "cpe:2.3:a:microsoft:office:2010:*:*:*:*:*:x86:*",
"matchCriteriaId": "17D675D9-5089-4CB7-9AB9-7ABFC2FD9BFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp1:x86:*:*:*:*:*",
"matchCriteriaId": "8383FADC-9391-4570-AAF9-92A952A4F04F"
"criteria": "cpe:2.3:a:microsoft:office:2010:sp1:*:*:*:*:x86:*",
"matchCriteriaId": "49D1ACFD-4E9F-4D6F-997B-2BE50D65A35C"
},
{
"vulnerable": true,
@ -107,78 +129,33 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A7A5116E-BD37-4539-B815-F1B70EC4D45D"
"criteria": "cpe:2.3:a:microsoft:sql_server_2000:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "1343DD7B-1574-4640-A09E-EBB047883721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp4:analysis_services:*:*:*:*:*",
"matchCriteriaId": "6A74FD84-90B6-41DF-B7E2-8774A8F1ADA8"
"criteria": "cpe:2.3:a:microsoft:sql_server_2005:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "FC59AE94-79AC-4DA0-8E98-C97888F4B7A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:express_advanced_services:*:*:*:*:*",
"matchCriteriaId": "6CE40B2B-E1A0-4BBE-9A3B-5E7B14F83554"
"criteria": "cpe:2.3:a:microsoft:sql_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "83C05542-9B11-416C-858C-FAD441CD51F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:itanium:*:*:*:*:*",
"matchCriteriaId": "7E387893-EBA4-448A-9687-400F50A5A2F0"
"criteria": "cpe:2.3:a:microsoft:sql_server_2008:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E9C95EBD-2B89-4142-9542-789185310B5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:x64:*:*:*:*:*",
"matchCriteriaId": "9916AE10-8EBF-4BB9-885C-1FD0C20ED71C"
"criteria": "cpe:2.3:a:microsoft:sql_server_2008:r2:-:*:*:*:*:*:*",
"matchCriteriaId": "ACEF7D31-F207-439F-BEA5-3656CA4C8CFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:x86:*:*:*:*:*",
"matchCriteriaId": "4F8BF453-1436-4031-9774-B3E53B40BB46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2:itanium:*:*:*:*:*",
"matchCriteriaId": "597E44EF-D336-40C4-BB2B-0C8735B96721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2:x64:*:*:*:*:*",
"matchCriteriaId": "63DD17D8-8A29-48EE-8B71-ED3991D94E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2:x86:*:*:*:*:*",
"matchCriteriaId": "5A75C0F3-D945-450B-9E63-794AC8F571E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:itanium:*:*:*:*:*",
"matchCriteriaId": "5FA2E5E9-A530-4EBA-863A-322C10EFB82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "00F271BE-E397-4DAB-894E-EBA5CD7C465F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:x86:*:*:*:*:*",
"matchCriteriaId": "A30C7019-68AD-4538-8250-EFDDC4FCBC32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:itanium:*:*:*:*:*",
"matchCriteriaId": "21B670E0-E991-4884-9D98-D9A74C95903B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:x64:*:*:*:*:*",
"matchCriteriaId": "46B0D444-0B3F-4430-9374-BFA7D5F44726"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:x86:*:*:*:*:*",
"matchCriteriaId": "C561C66B-18EB-4926-8FF1-489D1934E5C8"
"criteria": "cpe:2.3:a:microsoft:sql_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D97F42C1-48B0-401A-8098-120A80D2732E"
}
]
}
@ -207,13 +184,13 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:commerce_server:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "39CC1FE4-69DC-4F7D-B0C1-E1B074B2908F"
"criteria": "cpe:2.3:a:microsoft:commerce_server_2009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01B3FA95-DDB9-43CE-B83F-9FFF987A477E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:commerce_server:2009:r2:*:*:*:*:*:*",
"matchCriteriaId": "7CC3C563-408F-487B-8D0F-FDEB1D39B2B6"
"criteria": "cpe:2.3:a:microsoft:commerce_server_2009:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2D7A9A-7F6B-4D1F-890C-5799C93522A5"
}
]
}
@ -227,8 +204,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*",
"matchCriteriaId": "DD65D7E8-016B-44EC-A416-E9247810CFF3"
"criteria": "cpe:2.3:a:microsoft:visual_basic:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42D281B3-B2E0-4E36-B1BD-83865AE4B3C5"
},
{
"vulnerable": true,
@ -248,54 +225,104 @@
"references": [
{
"url": "http://opensources.info/comment-on-the-curious-case-of-a-cve-2012-0158-exploit-by-chris-pierce/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/52911",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026899",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026900",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026902",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026903",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026904",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1026905",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA12-101A.html",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-027",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74372",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15462",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
}
]
}

150
CVE-2013/CVE-2013-39xx/CVE-2013-3906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-3906",
"sourceIdentifier": "secure@microsoft.com",
"published": "2013-11-06T15:55:05.860",
"lastModified": "2023-12-07T18:38:56.693",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:19:31.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-15",
"cisaActionDue": "2022-08-15",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -65,6 +87,21 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAAF38A-FE97-40FC-9BBF-763785853DCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2010:*:*:*:attendee:*:*:*",
"matchCriteriaId": "6C3ED4FC-2583-4E51-8931-082875A97034"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "57F4F185-8709-4846-B017-A09C7A0D58B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
@ -77,108 +114,43 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp1:x64:*:*:*:*:*",
"matchCriteriaId": "8239CEF1-BD02-4ACE-A0C2-75A9EAA15914"
"criteria": "cpe:2.3:a:microsoft:office:2010:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9932C177-FCBB-4AD1-A42A-1FAB28F392F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp1:x86:*:*:*:*:*",
"matchCriteriaId": "8383FADC-9391-4570-AAF9-92A952A4F04F"
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "69998A67-CB15-4217-8AD6-43F9BA3C6454"
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "71AF058A-2E5D-4B11-88DB-8903C64B13C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:*",
"matchCriteriaId": "349E9084-8116-43E9-8B19-CA521C96660D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*",
"matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F"
"criteria": "cpe:2.3:a:microsoft:powerpoint_viewer:2010:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9C087A89-8A17-4C73-B257-A082555ABDEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518"
"criteria": "cpe:2.3:a:microsoft:powerpoint_viewer:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F6C3E599-80A1-4EC9-8737-F05212888124"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*",
"matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2010:*:attendee:*:*:*:*:*",
"matchCriteriaId": "EE98CEE9-200B-494A-B645-D14ACB577250"
"criteria": "cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC45CB0-6C84-46D3-B16D-170D46822E54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2010:*:x64:*:*:*:*:*",
"matchCriteriaId": "AF2C62AD-CC37-42B4-88AD-75F8F603ADEB"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2010:*:x86:*:*:*:*:*",
"matchCriteriaId": "F01B787D-6263-4753-977D-211432447E38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2013:-:x64:*:*:*:*:*",
"matchCriteriaId": "F3A59686-65D9-4003-BBA1-9BEB424A6C52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync:2013:-:x86:*:*:*:*:*",
"matchCriteriaId": "1764CD62-F012-4CD9-B883-EEFEDEFBBCA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync_basic:2013:-:x64:*:*:*:*:*",
"matchCriteriaId": "3599EF09-BCE4-44C2-90D7-7257BAF1480E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:lync_basic:2013:-:x86:*:*:*:*:*",
"matchCriteriaId": "EFAA17A7-7FD5-40E6-81C8-BD16BAAD96FC"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
@ -190,6 +162,7 @@
"url": "http://blogs.mcafee.com/mcafee-labs/mcafee-labs-detects-zero-day-exploit-targeting-microsoft-office-2",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Exploit"
]
},
@ -197,6 +170,7 @@
"url": "http://blogs.technet.com/b/srd/archive/2013/11/05/cve-2013-3906-a-graphics-vulnerability-exploited-through-word-documents.aspx",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Exploit"
]
},
@ -212,12 +186,18 @@
"url": "http://www.exploit-db.com/exploits/30011",
"source": "secure@microsoft.com",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-096",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

74
CVE-2014/CVE-2014-17xx/CVE-2014-1761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-1761",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-03-25T13:24:01.067",
"lastModified": "2018-10-30T16:27:52.390",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:05:50.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-15",
"cisaActionDue": "2022-08-15",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -53,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}
@ -67,13 +89,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*",
"matchCriteriaId": "0D84FC39-29AA-4EF2-ACE7-E72635126F2B"
"criteria": "cpe:2.3:a:microsoft:office:2011:*:*:*:*:macos:*:*",
"matchCriteriaId": "BCB90D64-B7B2-4301-91E3-A113569371F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E"
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "71AF058A-2E5D-4B11-88DB-8903C64B13C1"
},
{
"vulnerable": true,
@ -117,23 +139,18 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "E03BB51F-14CE-4FFC-ADCD-15B5B694563B"
"criteria": "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D2A0758C-6499-407F-823A-6F28BE56805E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:x86:*:*",
"matchCriteriaId": "C3ADF60E-8802-4738-A6A6-BF2790225BB0"
"criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "00A48B3D-7639-4F74-83CB-79D951458C0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8E95D3-C62D-41D2-8B3A-032FEA6B8B97"
"criteria": "cpe:2.3:a:microsoft:word:2013:*:*:*:-:*:*:*",
"matchCriteriaId": "E4CD4956-7280-4187-B613-A97B4B32941C"
},
{
"vulnerable": true,
@ -142,8 +159,18 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D79B6572-E7DF-4CC2-B70B-9B31BE1B6A81"
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "D7A48E44-F01A-40AD-B8AF-8FE368248003"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "45E21528-4B0F-4A6F-82AD-DF7FDBF67C8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC45CB0-6C84-46D3-B16D-170D46822E54"
}
]
}
@ -155,12 +182,17 @@
"url": "http://technet.microsoft.com/security/advisory/2953095",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-017",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

294
CVE-2014/CVE-2014-17xx/CVE-2014-1776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-1776",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-04-27T10:55:03.340",
"lastModified": "2018-10-12T22:06:04.047",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:47:41.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-28",
"cisaActionDue": "2022-07-28",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -60,6 +82,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -69,31 +92,267 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:-:*",
"matchCriteriaId": "C5D2C681-EB06-4B72-BD34-47AEE35CC227"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:-:*",
"matchCriteriaId": "C5D2C681-EB06-4B72-BD34-47AEE35CC227"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*",
"matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:-:*",
"matchCriteriaId": "C5D2C681-EB06-4B72-BD34-47AEE35CC227"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*",
"matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
"matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*",
"matchCriteriaId": "15BAAA8C-7AF1-46CE-9FFB-3A498508A1BF"
"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*",
"matchCriteriaId": "D7809F78-8D56-4925-A8F9-4119B973A667"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
@ -105,16 +364,25 @@
"url": "http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Mitigation"
]
},
{
"url": "http://secunia.com/advisories/57908",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://securitytracker.com/id?1030154",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html",
@ -134,12 +402,17 @@
},
{
"url": "http://www.osvdb.org/106311",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/67075",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
@ -147,12 +420,17 @@
"url": "http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/",
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-021",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://technet.microsoft.com/library/security/2963983",

216
CVE-2014/CVE-2014-44xx/CVE-2014-4404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-4404",
"sourceIdentifier": "product-security@apple.com",
"published": "2014-09-18T10:55:09.827",
"lastModified": "2019-03-08T16:06:31.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:04:19.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -53,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}
@ -65,118 +87,30 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0",
"matchCriteriaId": "FBB6C87D-9D8C-4003-892F-1FF2523425A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.0.2",
"matchCriteriaId": "B515417A-BCCA-47A7-BB56-6FBB95FB932B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
"versionEndExcluding": "10.10.0",
"matchCriteriaId": "01E466F3-22A5-4BCD-B980-49E4FD8418A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.10.1",
"versionEndExcluding": "10.10.3",
"matchCriteriaId": "FEB0106C-9831-4CF8-8186-1C6835401167"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2",
"matchCriteriaId": "68138EEE-F622-4E94-BC41-1106671EC927"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5365205F-B91D-4123-8CFD-EA42E0DEA944"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C7F676-5ACC-4330-9591-465CA8AF77AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D5314D7F-8352-41F5-A155-5E5392C58ABF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36567F18-DE70-4189-A52E-A0376C779B7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA1745A-E240-462A-BDA9-200DB6AC112F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC814F33-E1D4-4910-BD1C-2C002D734415"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.2",
"matchCriteriaId": "4B2B0F1C-DDAC-476D-A908-CE338CF5D7A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07A11433-B725-4BD6-B998-4B3637F061EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD62141-07B1-4E3D-80BC-25D519F90DBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9737BD4-B4F4-4291-A1E9-B692ECBC657E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6160869-944D-4E34-BB81-6A1259D692B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "090CAC3C-4B20-46E5-A8C7-950B7E1DB5E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E96F77DD-0962-4E55-97A2-9BC2FE01D8A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD9ACBF-34A4-4181-A6E0-78ABD4FC9ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF40E86-E5D2-4D66-B296-ADFA78B42113"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "997D8B0E-44AC-4598-B533-AB31CBE5E2F2"
"versionEndExcluding": "7.0",
"matchCriteriaId": "3046D96B-04AF-4021-A306-C9A5BE6CC0F2"
}
]
}
@ -186,46 +120,81 @@
"references": [
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT6441",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT6441",
"source": "product-security@apple.com"
},
{
"url": "http://support.apple.com/kb/HT6442",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/69882",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/69947",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1030866",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://support.apple.com/HT204659",
@ -236,7 +205,10 @@
},
{
"url": "https://support.apple.com/kb/HT6535",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

2300
CVE-2014/CVE-2014-62xx/CVE-2014-6271.json
View File

File diff suppressed because it is too large Load Diff

81
CVE-2014/CVE-2014-63xx/CVE-2014-6352.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-6352",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-10-22T14:55:06.247",
"lastModified": "2018-10-12T22:07:43.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:20:19.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-25",
"cisaActionDue": "2022-08-25",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -53,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-94"
"value": "NVD-CWE-noinfo"
}
]
}
@ -82,8 +104,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:gold:*:*:*:*:*:*",
"matchCriteriaId": "DC5F631C-5461-4C0B-AE80-079A987912DA"
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB"
},
{
"vulnerable": true,
@ -92,8 +114,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -102,8 +124,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
"matchCriteriaId": "AB506484-7F0C-46BF-8EA6-4FB5AF454CED"
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
@ -112,8 +134,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
@ -125,33 +147,58 @@
"url": "http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/61803",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://twitter.com/ohjeongwook/statuses/524795124270653440",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/70690",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1031097",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97714",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://technet.microsoft.com/library/security/3010060",

3007
CVE-2014/CVE-2014-71xx/CVE-2014-7169.json
View File

File diff suppressed because it is too large Load Diff

75
CVE-2015/CVE-2015-16xx/CVE-2015-1641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1641",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-04-14T20:59:05.250",
"lastModified": "2018-10-12T22:08:33.540",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:06:41.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,6 +20,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -53,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-399"
"value": "CWE-787"
}
]
}
@ -67,18 +89,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "69998A67-CB15-4217-8AD6-43F9BA3C6454"
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:*",
"matchCriteriaId": "349E9084-8116-43E9-8B19-CA521C96660D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E"
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "71AF058A-2E5D-4B11-88DB-8903C64B13C1"
},
{
"vulnerable": true,
@ -90,6 +107,11 @@
"criteria": "cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "B3C3FC9A-D8E5-493A-A575-C831A9A28815"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:outlook:2011:*:*:*:*:mac_os_x:*:*",
"matchCriteriaId": "2307F3E3-6763-46F8-8536-BB1BFA698462"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*",
@ -112,8 +134,13 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2011:*:*:*:mac:*:*:*",
"matchCriteriaId": "69947F0D-68B6-42E0-8E94-E5717264EBE1"
"criteria": "cpe:2.3:a:microsoft:word:2011:*:*:*:*:macos:*:*",
"matchCriteriaId": "126AF471-BF9D-4872-BAD3-A9DC9D89686D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "D7A48E44-F01A-40AD-B8AF-8FE368248003"
},
{
"vulnerable": true,
@ -128,15 +155,29 @@
"references": [
{
"url": "http://www.securityfocus.com/bid/73995",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1032104",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-033",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

49
CVE-2015/CVE-2015-20xx/CVE-2015-2051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-2051",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-02-23T17:59:08.320",
"lastModified": "2024-07-03T01:35:16.440",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:05:08.900",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -21,6 +21,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -101,8 +121,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-645_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.04b12",
"matchCriteriaId": "3309E79F-0C27-4AC0-BC26-A8D7DE8E3ABC"
"versionEndExcluding": "1.05b01",
"matchCriteriaId": "0F3662DF-44FB-4613-A8C1-3A803F1186E4"
}
]
},
@ -131,15 +151,30 @@
},
{
"url": "http://www.securityfocus.com/bid/72623",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/74870",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/37171/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

108
CVE-2015/CVE-2015-74xx/CVE-2015-7450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-7450",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2016-01-02T21:59:15.800",
"lastModified": "2017-09-08T01:29:50.763",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T17:02:03.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-07-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -74,7 +74,7 @@
"description": [
{
"lang": "en",
"value": "CWE-94"
"value": "NVD-CWE-noinfo"
}
]
}
@ -86,6 +86,16 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F805BA3A-178D-416E-9DED-4258F71A17C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_integrator:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8597A678-3633-4F5D-95A9-5AAB168F92B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:*",
@ -125,6 +135,69 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:tivoli_common_reporting:3.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D680D54-EE53-4658-98E1-64F316D23177"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_content_analytics:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndIncluding": "3.0.0.6",
"matchCriteriaId": "18D82CA9-8AFE-44FF-956C-F2B8E42B3EB4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_content_analytics:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndIncluding": "3.5.0.3",
"matchCriteriaId": "B22F02C8-BF16-4202-82B7-E167E0F6FC75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_explorer_analytical_components:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0",
"versionEndIncluding": "10.0.0.2",
"matchCriteriaId": "58412A55-8780-417E-9E89-AF9F5DD19BC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_explorer_analytical_components:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAD3A69-115D-4D6C-B5A9-7590E97B15A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_explorer_annotation_administration_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0",
"versionEndIncluding": "10.0.0.2",
"matchCriteriaId": "41147B26-C469-48EE-B139-C0D0B07BBDED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_explorer_annotation_administration_console:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66634C1B-0E8A-48FD-A0DC-D5AD4CF29EC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.0:*:*:*:-:*:*:*",
"matchCriteriaId": "A0507670-6059-4164-AD54-A5172DE8313F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:-:*:*:*",
"matchCriteriaId": "A207B0AA-DF2F-4B1B-9D87-D812E33ADBD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:traditional:*:*:*",
"matchCriteriaId": "6C43FBAC-2DD2-43CB-AC5F-56741BB2A31C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:hypervisor:*:*:*",
"matchCriteriaId": "AB001073-3FE0-452B-94FB-57B4555F7CE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:liberty:*:*:*",
"matchCriteriaId": "3029A691-2288-453A-8FC0-7598EF60357C"
}
]
}
@ -157,7 +230,7 @@
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971733",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
"Broken Link"
]
},
{
@ -176,15 +249,30 @@
},
{
"url": "http://www.securityfocus.com/bid/77653",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1035125",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/41613/",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

57
CVE-2016/CVE-2016-01xx/CVE-2016-0167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0167",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:30.430",
"lastModified": "2018-10-12T22:11:23.880",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:06:31.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,17 +20,17 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "NVD-CWE-noinfo"
}
]
}
@ -89,23 +89,23 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
@ -114,8 +114,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -134,8 +134,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
@ -145,18 +145,29 @@
"references": [
{
"url": "http://www.securitytracker.com/id/1035529",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1035532",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

56
CVE-2016/CVE-2016-01xx/CVE-2016-0185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0185",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-05-11T01:59:26.097",
"lastModified": "2018-10-12T22:11:29.037",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:05:45.267",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -89,18 +89,18 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
@ -110,23 +110,45 @@
"references": [
{
"url": "http://www.securityfocus.com/bid/90023",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1035832",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-277",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-059",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/39805/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

71
CVE-2016/CVE-2016-30xx/CVE-2016-3088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3088",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-06-01T20:59:04.123",
"lastModified": "2023-11-07T02:32:07.937",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:04:58.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-434"
}
]
}
@ -90,8 +90,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.13.3",
"matchCriteriaId": "0592D9FF-32CF-405B-B43E-00995770BC0B"
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "D44743D6-E0CE-44B1-80CA-B760434FC850"
}
]
}
@ -101,39 +102,75 @@
"references": [
{
"url": "http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-2036.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1035951",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-356",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-357",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a%40%3Cusers.activemq.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/42283/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

50
CVE-2016/CVE-2016-32xx/CVE-2016-3235.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3235",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-06-16T01:59:36.983",
"lastModified": "2018-10-12T22:12:04.727",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:05:24.710",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "NVD-CWE-noinfo"
}
]
}
@ -125,27 +125,53 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/137490/Microsoft-Visio-DLL-Hijacking.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2016/Jun/32",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/538685/100/0/threaded",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1036093",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-070",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.securify.nl/advisory/SFY20150804/microsoft_visio_multiple_dll_side_loading_vulnerabilities.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

454
CVE-2016/CVE-2016-37xx/CVE-2016-3715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3715",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-05-05T18:59:04.727",
"lastModified": "2023-02-12T23:19:47.760",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:06:03.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-284"
"value": "NVD-CWE-noinfo"
}
]
}
@ -97,6 +97,166 @@
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "2148300C-ECBD-4ED5-A164-79629859DD43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "837F0D24-99B3-4093-A45A-53ADB0367FCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "357FDE3E-2248-4BCD-B726-97C4D92FDCB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "E420B889-BB89-4B64-B0E0-7E9B8545B959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "B908AEF5-67CE-42D4-961D-C0E7ADB78ADD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8EB695-5EA3-46D2-941E-D7F01AB99A48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9835090F-120A-4A53-B4A8-375DD6999167"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5B5F9E-D749-45E5-8538-7CED9620C00C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "7A584AAA-A14F-4C64-8FED-675DC36F69A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "D373A806-8A25-4BD4-8511-879D8755C326"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.3_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE6C909-798B-4B7A-9BD4-6741933DBC1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A24D0C-604D-4421-AFA6-5D541DA2E94D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2E3637-B6A6-4DA9-8B0A-E91F22130A45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F81F859C-DA89-4D1E-91D3-A000AD646203"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "418488A5-2912-406C-9337-B8E85D0C2B57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
@ -129,14 +289,59 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
@ -160,8 +365,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.9.3-9",
"matchCriteriaId": "F89D4030-2804-4CFE-8DC1-66BC99720860"
"versionEndExcluding": "6.9.3-10",
"matchCriteriaId": "87477201-64C5-490B-AAE1-23D26F774989"
},
{
"vulnerable": true,
@ -190,8 +395,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
},
{
"vulnerable": true,
@ -200,8 +405,148 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4EEF7C-CC33-4494-8531-7C0CC28A8823"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBED083-B935-4C47-BBDA-F39D8EA277ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6136E8-74DE-48AF-A8AB-B0E93D34870C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "B12243B2-D726-404C-ABFF-F1AB51BA1783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217"
}
]
}
@ -213,28 +558,44 @@
"url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html",
@ -245,11 +606,19 @@
},
{
"url": "http://www.debian.org/security/2016/dsa-3580",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2016/dsa-3746",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/18",
@ -261,23 +630,43 @@
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/89852",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2990-1",
@ -288,16 +677,25 @@
},
{
"url": "https://security.gentoo.org/glsa/201611-21",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/39767/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588",
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},

549
CVE-2016/CVE-2016-37xx/CVE-2016-3718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3718",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-05-05T18:59:08.960",
"lastModified": "2023-02-12T23:20:05.733",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:05:54.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,26 +20,26 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -75,68 +75,12 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.9.3-9",
"matchCriteriaId": "F89D4030-2804-4CFE-8DC1-66BC99720860"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*",
"matchCriteriaId": "693C9F8F-A8C1-4D06-8F31-E085E16E701C"
}
]
}
]
},
{
"nodes": [
{
@ -153,6 +97,166 @@
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "2148300C-ECBD-4ED5-A164-79629859DD43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "837F0D24-99B3-4093-A45A-53ADB0367FCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "357FDE3E-2248-4BCD-B726-97C4D92FDCB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "E420B889-BB89-4B64-B0E0-7E9B8545B959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "B908AEF5-67CE-42D4-961D-C0E7ADB78ADD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8EB695-5EA3-46D2-941E-D7F01AB99A48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9835090F-120A-4A53-B4A8-375DD6999167"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5B5F9E-D749-45E5-8538-7CED9620C00C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "7A584AAA-A14F-4C64-8FED-675DC36F69A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "D373A806-8A25-4BD4-8511-879D8755C326"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.3_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE6C909-798B-4B7A-9BD4-6741933DBC1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A24D0C-604D-4421-AFA6-5D541DA2E94D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2E3637-B6A6-4DA9-8B0A-E91F22130A45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F81F859C-DA89-4D1E-91D3-A000AD646203"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "418488A5-2912-406C-9337-B8E85D0C2B57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
@ -185,14 +289,59 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
@ -206,6 +355,202 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.3-10",
"matchCriteriaId": "87477201-64C5-490B-AAE1-23D26F774989"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*",
"matchCriteriaId": "693C9F8F-A8C1-4D06-8F31-E085E16E701C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4EEF7C-CC33-4494-8531-7C0CC28A8823"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBED083-B935-4C47-BBDA-F39D8EA277ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6136E8-74DE-48AF-A8AB-B0E93D34870C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "B12243B2-D726-404C-ABFF-F1AB51BA1783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217"
}
]
}
]
}
],
"references": [
@ -219,23 +564,38 @@
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html",
@ -246,7 +606,11 @@
},
{
"url": "http://www.debian.org/security/2016/dsa-3580",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/18",
@ -258,19 +622,33 @@
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2990-1",
@ -281,15 +659,26 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201611-21",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/39767/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588",

93
CVE-2016/CVE-2016-44xx/CVE-2016-4437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-4437",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-06-07T14:06:13.247",
"lastModified": "2023-11-07T02:32:37.560",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:05:36.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,25 +20,25 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-284"
"value": "NVD-CWE-noinfo"
}
]
}
@ -87,11 +87,38 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:aurora:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.10.0",
"versionEndExcluding": "0.18.1",
"matchCriteriaId": "5E4E49B7-6247-4353-A80D-ADE138DD0967"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "D3064BD5-6198-43C2-9209-3024BAE8E958"
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "2BF5BF73-85B5-4422-B100-EE22B38F574A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "077732DB-F5F3-4E9C-9AC0-8142AB85B32F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_middleware_text-only_advisories:1.0:*:*:*:*:middleware:*:*",
"matchCriteriaId": "A0FED4EE-0AE2-4BD8-8DAC-143382E4DB7C"
}
]
}
@ -101,31 +128,59 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/137310/Apache-Shiro-1.2.4-Information-Disclosure.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/157497/Apache-Shiro-1.2.4-Remote-Code-Execution.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-2036.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/538570/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/91024",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://lists.apache.org/thread.html/ef3a800c7d727a00e04b78e2f06c5cd8960f09ca28c9b69d94c3c4c4%40%3Cannouncements.aurora.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
}
]
}

368
CVE-2017/CVE-2017-01xx/CVE-2017-0144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0144",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-03-17T00:59:04.010",
"lastModified": "2018-06-21T01:29:00.433",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:03:46.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,25 +20,25 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -101,18 +101,18 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
@ -121,8 +121,8 @@
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
@ -141,8 +141,8 @@
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
"matchCriteriaId": "AB506484-7F0C-46BF-8EA6-4FB5AF454CED"
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
@ -162,59 +162,365 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.02:*:*:*:*:*:*:*",
"matchCriteriaId": "0814F7B8-8022-4DCC-BE37-4868EB912881"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.03:*:*:*:*:*:*:*",
"matchCriteriaId": "87A45473-9558-4165-949B-D63F1486F28E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.20:*:*:*:*:*:*:*",
"matchCriteriaId": "59E3D131-8FDF-424C-9BBA-41FDAE43F24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2C270FA0-6961-4181-8388-E609DAEADC09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_p300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C07C8A47-9E8F-42E4-BB35-64590853A9C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p500_firmware:va10:*:*:*:*:*:*:*",
"matchCriteriaId": "506F5373-3C3C-4F47-8FC0-D5F04095B324"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p500_firmware:vb10:*:*:*:*:*:*:*",
"matchCriteriaId": "42DBCB0C-2C71-4427-ADF8-FCB4920609B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C50335A-8742-4E2B-B22D-0ED0A0DFB5C4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_sc2000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.0e",
"matchCriteriaId": "D4CFBFA2-BDE4-4566-A435-92BFB87C48E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "7DFBC156-20D1-4546-948F-A2118D602137"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_sc2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70575FD4-0A0A-4D11-9069-F808D9F00D10"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_x700_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E644CD-EA9B-45B5-A7C6-5F294D8A6909"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_x700_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F38DAB6-39E2-4048-A57D-C3EB8415F3F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_x700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05BD2983-B780-46F0-A857-CFC614D1B524"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:syngo_sc2000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.0e",
"matchCriteriaId": "99A99C16-9C4C-4BFF-B60A-A7BB67D7D397"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:syngo_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "1753DB4B-1F5A-4193-A50C-C2A576F0884C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:syngo_sc2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAC4F-CBA5-41BA-B389-4D0DA3F85B59"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:tissue_preparation_system_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE83393-E735-42BC-86E9-5DAF9F403C73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:tissue_preparation_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5641B967-9938-4148-90C4-D92C3E757847"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:versant_kpcr_molecular_system_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "582D4D5C-D0F1-403D-8687-3F1491943A65"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:versant_kpcr_molecular_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68FE5E09-78BB-4A22-9CAA-93ECD7AC33A4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:versant_kpcr_sample_prep_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7B7CC4-E89E-4357-A7D6-AF74480F46B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:versant_kpcr_sample_prep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41EF3913-CD35-49FD-90D8-62228DB1390C"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/96704",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037991",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/41891/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/41987/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/42030/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/42031/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

353
CVE-2017/CVE-2017-01xx/CVE-2017-0145.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0145",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-03-17T00:59:04.040",
"lastModified": "2018-06-21T01:29:00.510",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:22:57.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,25 +20,25 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -101,18 +101,18 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
@ -121,8 +121,8 @@
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
@ -141,8 +141,8 @@
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
"matchCriteriaId": "AB506484-7F0C-46BF-8EA6-4FB5AF454CED"
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
@ -162,36 +162,321 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.02:*:*:*:*:*:*:*",
"matchCriteriaId": "0814F7B8-8022-4DCC-BE37-4868EB912881"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.03:*:*:*:*:*:*:*",
"matchCriteriaId": "87A45473-9558-4165-949B-D63F1486F28E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.20:*:*:*:*:*:*:*",
"matchCriteriaId": "59E3D131-8FDF-424C-9BBA-41FDAE43F24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p300_firmware:13.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2C270FA0-6961-4181-8388-E609DAEADC09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_p300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C07C8A47-9E8F-42E4-BB35-64590853A9C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p500_firmware:va10:*:*:*:*:*:*:*",
"matchCriteriaId": "506F5373-3C3C-4F47-8FC0-D5F04095B324"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_p500_firmware:vb10:*:*:*:*:*:*:*",
"matchCriteriaId": "42DBCB0C-2C71-4427-ADF8-FCB4920609B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C50335A-8742-4E2B-B22D-0ED0A0DFB5C4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_sc2000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.0e",
"matchCriteriaId": "D4CFBFA2-BDE4-4566-A435-92BFB87C48E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "7DFBC156-20D1-4546-948F-A2118D602137"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_sc2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70575FD4-0A0A-4D11-9069-F808D9F00D10"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_x700_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E644CD-EA9B-45B5-A7C6-5F294D8A6909"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:acuson_x700_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F38DAB6-39E2-4048-A57D-C3EB8415F3F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:acuson_x700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05BD2983-B780-46F0-A857-CFC614D1B524"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:syngo_sc2000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.0e",
"matchCriteriaId": "99A99C16-9C4C-4BFF-B60A-A7BB67D7D397"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:syngo_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "1753DB4B-1F5A-4193-A50C-C2A576F0884C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:syngo_sc2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAC4F-CBA5-41BA-B389-4D0DA3F85B59"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:tissue_preparation_system_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE83393-E735-42BC-86E9-5DAF9F403C73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:tissue_preparation_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5641B967-9938-4148-90C4-D92C3E757847"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:versant_kpcr_molecular_system_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "582D4D5C-D0F1-403D-8687-3F1491943A65"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:versant_kpcr_molecular_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68FE5E09-78BB-4A22-9CAA-93ECD7AC33A4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:versant_kpcr_sample_prep_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7B7CC4-E89E-4357-A7D6-AF74480F46B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:versant_kpcr_sample_prep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41EF3913-CD35-49FD-90D8-62228DB1390C"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/96705",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037991",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0145",
@ -203,11 +488,21 @@
},
{
"url": "https://www.exploit-db.com/exploits/41891/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/41987/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

81
CVE-2017/CVE-2017-01xx/CVE-2017-0199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0199",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-04-12T14:59:01.157",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:11:35.740",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -104,18 +104,18 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"
"criteria": "cpe:2.3:a:microsoft:office:2016:-:*:*:*:*:*:*",
"matchCriteriaId": "E2F740BB-49FA-48E0-BBBA-7685C0DA09BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -129,8 +129,28 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:intellispace_portal:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "184A3E7A-9716-4594-9293-4ED708EF938F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "374B9A63-793D-41A1-A02F-4642031DA5FA"
}
]
}
@ -150,13 +170,19 @@
"url": "http://www.securityfocus.com/bid/97498",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1038224",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/",
@ -168,7 +194,11 @@
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199",
@ -180,20 +210,35 @@
},
{
"url": "https://www.exploit-db.com/exploits/41894/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/41934/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/42995/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]

120
CVE-2017/CVE-2017-02xx/CVE-2017-0222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0222",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-05-12T14:29:02.143",
"lastModified": "2017-07-08T01:29:03.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:19:54.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-25",
"cisaActionDue": "2022-08-25",
@ -20,25 +20,25 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
@ -75,13 +75,14 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -89,13 +90,96 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
"matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4"
},
"criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*",
"matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*",
"matchCriteriaId": "15BAAA8C-7AF1-46CE-9FFB-3A498508A1BF"
"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*",
"matchCriteriaId": "D7809F78-8D56-4925-A8F9-4119B973A667"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
@ -107,13 +191,19 @@
"url": "http://www.securityfocus.com/bid/98127",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1038423",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222",

67
CVE-2017/CVE-2017-02xx/CVE-2017-0263.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0263",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-05-12T14:29:05.097",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:04:49.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -89,43 +89,43 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "197E82CB-81AF-40F1-A55C-7B596891A783"
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -144,8 +144,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6437F9-6631-49D3-A6C2-62329E278E31"
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
@ -157,13 +157,19 @@
"url": "http://www.securityfocus.com/bid/98258",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1038449",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263",
@ -175,11 +181,20 @@
},
{
"url": "https://www.exploit-db.com/exploits/44478/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://xiaodaozhi.com/exploit/117.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2017/CVE-2017-102xx/CVE-2017-10271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-10271",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2017-10-19T17:29:01.747",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:04:33.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-08-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -125,6 +125,7 @@
"url": "http://www.securityfocus.com/bid/101304",
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -133,6 +134,7 @@
"url": "http://www.securitytracker.com/id/1039608",
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -148,13 +150,19 @@
"url": "https://www.exploit-db.com/exploits/43458/",
"source": "secalert_us@oracle.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/43924/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

34
CVE-2017/CVE-2017-121xx/CVE-2017-12149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-12149",
"sourceIdentifier": "secalert@redhat.com",
"published": "2017-10-04T21:01:00.180",
"lastModified": "2018-05-20T01:29:00.680",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:52:09.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2022-06-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -97,6 +97,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*",
"matchCriteriaId": "B8423D7F-3A8F-4AD8-BF51-245C9D8DD816"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*",
@ -147,29 +152,38 @@
"url": "http://www.securityfocus.com/bid/100591",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1607",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1608",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486220",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
"Issue Tracking"
]
},
{
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-12149",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2017/CVE-2017-175xx/CVE-2017-17562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-17562",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-12T19:29:00.207",
"lastModified": "2018-04-20T01:29:19.010",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:51:59.797",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2022-06-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -96,21 +96,51 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:integrated_lights_out_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB44C83-4B33-49BF-9610-90203176FD2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:integrated_lights_out_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8150F44B-7603-4F06-96B9-265B9BC5C751"
}
]
}
]
}
],
"references": [
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1040702",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/elttam/advisories/tree/master/CVE-2017-17562",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -118,6 +148,7 @@
"url": "https://github.com/embedthis/goahead/commit/6f786c123196eb622625a920d54048629a7caa74",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory"
]
@ -126,6 +157,7 @@
"url": "https://github.com/embedthis/goahead/issues/249",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Issue Tracking",
"Third Party Advisory"
]
@ -134,6 +166,7 @@
"url": "https://www.elttam.com.au/blog/goahead/",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory"
@ -150,7 +183,12 @@
},
{
"url": "https://www.exploit-db.com/exploits/43877/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

23
CVE-2017/CVE-2017-63xx/CVE-2017-6327.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6327",
"sourceIdentifier": "secure@symantec.com",
"published": "2017-08-11T20:29:00.207",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:11:25.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -90,8 +90,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.6.3-2",
"matchCriteriaId": "14960FF1-4537-46E3-BDCE-3970DFAA89D1"
"versionEndExcluding": "10.6.3-267",
"matchCriteriaId": "E1384026-561F-4A47-BE5D-710BBC1281DA"
}
]
}
@ -101,12 +101,17 @@
"references": [
{
"url": "http://seclists.org/fulldisclosure/2017/Aug/28",
"source": "secure@symantec.com"
"source": "secure@symantec.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/100135",
"source": "secure@symantec.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

362
CVE-2017/CVE-2017-87xx/CVE-2017-8759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-8759",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-09-13T01:29:12.193",
"lastModified": "2018-01-14T02:29:04.073",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:11:20.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -75,13 +75,165 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40B3A045-B08A-44E0-91BE-726753F6A362"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -91,22 +243,115 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
},
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "66CAFDB7-9D41-4E67-AB83-5EB104551FF5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0B660D-1F30-4D45-B98B-726EDB8CB90F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "280FE663-23BE-45D2-9B31-5F577E390B48"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40B3A045-B08A-44E0-91BE-726753F6A362"
},
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
@ -128,6 +373,74 @@
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
}
@ -137,6 +450,7 @@
"url": "http://www.securityfocus.com/bid/100742",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -145,21 +459,33 @@
"url": "http://www.securitytracker.com/id/1039324",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/GitHubAssessments/CVE_Assessments_01_2020",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bhdresh/CVE-2017-8759",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/nccgroup/CVE-2017-8759",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759",

19
CVE-2017/CVE-2017-98xx/CVE-2017-9822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-9822",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2017-07-20T12:29:00.233",
"lastModified": "2020-04-03T05:15:11.587",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:11:30.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2022-05-03",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -90,8 +90,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.0",
"matchCriteriaId": "D9DF4DD5-2357-46E0-BBEA-E2BE42DAF2D4"
"versionEndExcluding": "9.1.1",
"matchCriteriaId": "15E7F247-9C24-475D-9D04-01078139EDF2"
}
]
}
@ -101,12 +101,18 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.dnnsoftware.com/community/security/security-center",
"source": "security-alert@hpe.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
@ -114,6 +120,7 @@
"url": "http://www.securityfocus.com/bid/102213",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

43
CVE-2018/CVE-2018-133xx/CVE-2018-13382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-13382",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2019-06-04T21:29:00.373",
"lastModified": "2021-06-03T11:15:08.413",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T17:00:11.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-07-10",
@ -21,6 +21,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -75,7 +95,7 @@
"description": [
{
"lang": "en",
"value": "CWE-285"
"value": "CWE-863"
}
]
}
@ -87,6 +107,17 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.9",
"matchCriteriaId": "4B47708E-8A92-4767-8685-49C3143D0920"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
@ -118,13 +149,15 @@
"url": "https://fortiguard.com/advisory/FG-IR-18-389",
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://www.fortiguard.com/psirt/FG-IR-20-231",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

15
CVE-2018/CVE-2018-202xx/CVE-2018-20250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-20250",
"sourceIdentifier": "cve@checkpoint.com",
"published": "2019-02-05T20:29:00.243",
"lastModified": "2019-10-09T23:39:36.057",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:05:24.393",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-15",
"cisaActionDue": "2022-08-15",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -113,6 +113,7 @@
"url": "http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html",
"source": "cve@checkpoint.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -128,6 +129,7 @@
"url": "http://www.securityfocus.com/bid/106948",
"source": "cve@checkpoint.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -145,6 +147,7 @@
"source": "cve@checkpoint.com",
"tags": [
"Exploit",
"Press/Media Coverage",
"Third Party Advisory"
]
},
@ -170,7 +173,7 @@
"url": "https://www.win-rar.com/whatsnew.html",
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
"Release Notes"
]
}
]

73
CVE-2018/CVE-2018-84xx/CVE-2018-8453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-8453",
"sourceIdentifier": "secure@microsoft.com",
"published": "2018-10-10T13:29:02.557",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:47:11.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-21",
"cisaActionDue": "2022-07-21",
@ -20,17 +20,17 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-404"
"value": "NVD-CWE-noinfo"
}
]
}
@ -89,33 +89,33 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": true,
@ -124,14 +124,24 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53695559-6E95-43C1-AD7C-1D99473223C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
@ -157,16 +167,6 @@
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
@ -180,12 +180,18 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/153669/Microsoft-Windows-NtUserSetWindowFNID-Win32k-User-Callback.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/105467",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -194,6 +200,7 @@
"url": "http://www.securitytracker.com/id/1041828",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

153
CVE-2019/CVE-2019-01xx/CVE-2019-0193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-0193",
"sourceIdentifier": "security@apache.org",
"published": "2019-08-01T14:15:13.113",
"lastModified": "2023-11-07T03:01:47.643",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:08:36.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2022-06-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
@ -90,8 +90,35 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2.0",
"matchCriteriaId": "16F6C50B-E5B9-411C-8C72-E53DC3719A16"
"versionEndExcluding": "7.7.3",
"matchCriteriaId": "3D8C3CBD-746A-41A0-89E4-3499416FC2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.2",
"matchCriteriaId": "60156335-CFAA-43CF-87FE-525467509894"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
]
}
@ -109,87 +136,157 @@
},
{
"url": "https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc%40%3Cusers.solr.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314%40%3Cusers.solr.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef%40%3Cusers.solr.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699%40%3Cissues.lucene.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00013.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00025.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

83
CVE-2019/CVE-2019-132xx/CVE-2019-13272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-13272",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-17T13:15:10.687",
"lastModified": "2023-11-07T03:03:48.947",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:51:53.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2022-06-10",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-269"
"value": "NVD-CWE-noinfo"
}
]
}
@ -200,8 +200,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
@ -228,10 +228,65 @@
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:7.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "AA559D29-DF65-48AF-96DB-D20A50474758"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "2148300C-ECBD-4ED5-A164-79629859DD43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77C61DDC-81F3-4E2D-9CAA-17A256C85443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B0DA79-DF12-4418-B075-F048C9E2979A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5DE3C5-B090-4CE7-9AF2-DEB379D7D5FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7275A1-8853-469E-939B-7533E9E8C499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B92409A9-0D6B-4B7E-8847-1B63837D201F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C5860E-9FEB-4259-92FD-A85911E2F99E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE99A08-D6F7-4937-8154-65062BC88009"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "665DF1D3-EB88-4A17-B888-3B3CE298269B"
}
]
}
@ -392,6 +447,7 @@
"url": "http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -418,6 +474,7 @@
"url": "http://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-pkexec-Local-Privilege-Escalation.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -458,8 +515,7 @@
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
@ -491,8 +547,7 @@
"url": "https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41ee",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
@ -513,7 +568,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGRK5LYWBJ4E4SRI4DKX367NHYSI3VOH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://seclists.org/bugtraq/2019/Jul/30",
@ -549,7 +607,10 @@
},
{
"url": "https://support.f5.com/csp/article/K91025336?utm_source=f5support&amp%3Butm_medium=RSS",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/4093-1/",

39
CVE-2019/CVE-2019-15xx/CVE-2019-1579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-1579",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2019-07-19T22:15:11.557",
"lastModified": "2020-08-24T17:37:01.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:58:14.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-07-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -90,22 +90,22 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.18",
"matchCriteriaId": "6760BEA7-5397-4CDE-A30A-E96AB6227221"
"versionEndExcluding": "7.1.19",
"matchCriteriaId": "EE3E26D2-9924-42E0-89B1-1F3874FDE477"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.11",
"matchCriteriaId": "058765C6-C443-4E7C-80CF-283C8A2CA2B6"
"versionEndExcluding": "8.0.12",
"matchCriteriaId": "768CDC46-7810-4A40-A167-FC58DE9E0928"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndIncluding": "8.1.2",
"matchCriteriaId": "6C0A4D66-1A97-442C-A461-62CB86D5E853"
"versionEndExcluding": "8.1.3",
"matchCriteriaId": "D184BA3D-A3E5-4EF1-94CB-3879D93EA3D7"
}
]
}
@ -117,21 +117,32 @@
"url": "http://www.securityfocus.com/bid/109310",
"source": "psirt@paloaltonetworks.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2019-1579",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

13
CVE-2019/CVE-2019-76xx/CVE-2019-7609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-7609",
"sourceIdentifier": "bressers@elastic.co",
"published": "2019-03-25T19:29:02.147",
"lastModified": "2023-09-08T23:15:07.477",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:58:04.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-07-10",
@ -138,7 +138,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174569/Kibana-Timelion-Prototype-Pollution-Remote-Code-Execution.html",
"source": "bressers@elastic.co"
"source": "bressers@elastic.co",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHBA-2019:2824",
@ -158,7 +163,6 @@
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"source": "bressers@elastic.co",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
@ -166,6 +170,7 @@
"url": "https://www.elastic.co/community/security",
"source": "bressers@elastic.co",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

19
CVE-2019/CVE-2019-96xx/CVE-2019-9670.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-9670",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-05-29T22:29:01.507",
"lastModified": "2021-06-26T13:15:07.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T17:00:28.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-07-10",
@ -20,13 +20,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -163,7 +163,7 @@
"url": "http://www.rapid7.com/db/modules/exploit/linux/http/zimbra_xxe_rce",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
"Third Party Advisory"
]
},
{
@ -171,12 +171,17 @@
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://isc.sans.edu/forums/diary/CVE20199670+Zimbra+Collaboration+Suite+XXE+vulnerability/27570/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",

82
CVE-2020/CVE-2020-07xx/CVE-2020-0787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-0787",
"sourceIdentifier": "secure@microsoft.com",
"published": "2020-03-12T16:15:15.203",
"lastModified": "2022-07-12T17:42:04.277",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:47:33.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-28",
"cisaActionDue": "2022-07-28",
@ -26,11 +26,11 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
@ -73,10 +73,6 @@
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-59"
@ -93,38 +89,38 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A363CE8F-F399-4B6E-9E7D-349792F95DDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372"
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1B570A8-ED1A-46B6-B8AB-064445F8FC4C"
},
{
"vulnerable": true,
@ -143,13 +139,23 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
"matchCriteriaId": "B320A104-9037-487E-BC9A-62B4A6B49FD0"
"criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530DF8C9-467C-4F4F-9FCA-CDD934BADF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE7E7B1-64AC-4986-A50B-0918A42C05BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -171,21 +177,6 @@
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
"matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
"matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
@ -199,7 +190,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0787",

113
CVE-2020/CVE-2020-118xx/CVE-2020-11899.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-11899",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-06-17T11:15:10.210",
"lastModified": "2022-07-10T21:15:10.760",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:22:11.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",
@ -96,16 +96,103 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:wyse_5050_all-in-one_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB990439-8D74-4993-AD30-C7A365C96941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:wyse_5050_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6966C461-DAFF-4F71-A209-44FA1BDD6AF9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:wyse_7030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D74A6-D734-41D6-A998-1AF09360BC7B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:wyse_7030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAFD47A-32BA-4C10-9BC3-D11A4FA57DBB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:wyse_5030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1C2400-6395-4495-AE4E-2CFC87EE98F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:wyse_5030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6733903C-B9D3-4476-AE6C-B224AE5BF01B"
}
]
}
]
}
],
"references": [
{
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cwe.mitre.org/data/definitions/125.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/",
@ -116,7 +203,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC",
@ -127,13 +217,16 @@
},
{
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
"Third Party Advisory"
]
},
{
@ -146,7 +239,11 @@
},
{
"url": "https://www.kb.cert.org/vuls/id/257161",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.kb.cert.org/vuls/id/257161/",

15
CVE-2020/CVE-2020-119xx/CVE-2020-11978.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-11978",
"sourceIdentifier": "security@apache.org",
"published": "2020-07-17T00:15:10.337",
"lastModified": "2023-09-19T18:15:16.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:47:01.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-07-18",
@ -90,8 +90,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.10.10",
"matchCriteriaId": "BA641E62-CF59-49E4-B776-0ABB7844A56D"
"versionEndExcluding": "1.10.11",
"matchCriteriaId": "B9D4EEE1-539A-43A3-ACA1-7307F50600F5"
}
]
}
@ -110,7 +110,12 @@
},
{
"url": "http://packetstormsecurity.com/files/174764/Apache-Airflow-1.10.10-Remote-Code-Execution.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E",

16
CVE-2020/CVE-2020-136xx/CVE-2020-13671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-13671",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2020-11-20T16:15:15.433",
"lastModified": "2023-11-07T03:16:47.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:44:54.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-07-18",
@ -143,11 +143,19 @@
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/",
"source": "mlhess@drupal.org"
"source": "mlhess@drupal.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/",
"source": "mlhess@drupal.org"
"source": "mlhess@drupal.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://www.drupal.org/sa-core-2020-012",

28
CVE-2021/CVE-2021-213xx/CVE-2021-21315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-21315",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-02-16T17:15:13.050",
"lastModified": "2023-11-07T03:29:47.047",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:45:54.860",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-02-01",
@ -90,7 +90,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -98,6 +98,16 @@
"value": "CWE-78"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
@ -138,8 +148,7 @@
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
@ -151,7 +160,11 @@
},
{
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/",
@ -164,8 +177,7 @@
"url": "https://www.npmjs.com/package/systeminformation",
"source": "security-advisories@github.com",
"tags": [
"Product",
"Third Party Advisory"
"Product"
]
}
]

33
CVE-2021/CVE-2021-222xx/CVE-2021-22204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22204",
"sourceIdentifier": "cve@gitlab.com",
"published": "2021-04-23T18:15:08.127",
"lastModified": "2023-11-07T03:30:10.330",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:07:58.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-17",
"cisaActionDue": "2021-12-01",
@ -26,11 +26,11 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
@ -169,6 +169,7 @@
"url": "http://packetstormsecurity.com/files/162558/ExifTool-DjVu-ANT-Perl-Injection.html",
"source": "cve@gitlab.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -220,8 +221,7 @@
"url": "https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800",
"source": "cve@gitlab.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
@ -235,7 +235,8 @@
"url": "https://hackerone.com/reports/1154542",
"source": "cve@gitlab.com",
"tags": [
"Permissions Required",
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
@ -249,20 +250,30 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDKDLJLBTBBR66OOPXSXCG2PQRM5KCZL/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6UOBPU3LSHAPRRJNISNVXZ5DSUIALLV/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4RF6PJCJ6NQOVJJJF6HN6BORUQVIXY6/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-4910",
"source": "cve@gitlab.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}

16
CVE-2021/CVE-2021-252xx/CVE-2021-25296.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25296",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-15T13:15:12.683",
"lastModified": "2023-08-08T14:21:49.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:46:48.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-02-01",
@ -116,7 +116,11 @@
},
{
"url": "http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://assets.nagios.com/downloads/nagiosxi/versions.php",
@ -136,7 +140,11 @@
},
{
"url": "https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

17
CVE-2021/CVE-2021-252xx/CVE-2021-25297.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25297",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-15T13:15:12.793",
"lastModified": "2023-08-08T14:21:49.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:46:23.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-02-01",
@ -116,7 +116,12 @@
},
{
"url": "http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://assets.nagios.com/downloads/nagiosxi/versions.php",
@ -136,7 +141,11 @@
},
{
"url": "https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

17
CVE-2021/CVE-2021-252xx/CVE-2021-25298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25298",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-15T13:15:12.857",
"lastModified": "2023-08-08T14:21:49.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:46:08.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-02-01",
@ -116,7 +116,12 @@
},
{
"url": "http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://assets.nagios.com/downloads/nagiosxi/versions.php",
@ -135,7 +140,11 @@
},
{
"url": "https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2021/CVE-2021-278xx/CVE-2021-27860.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27860",
"sourceIdentifier": "cret@cert.org",
"published": "2021-12-08T17:15:10.800",
"lastModified": "2023-10-13T16:15:10.283",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:53:07.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-10",
"cisaActionDue": "2022-01-24",
@ -104,17 +104,6 @@
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CAF1D0-9EC6-4959-973C-6C37E3B2E6E0"
}
]
},
{
"operator": "OR",
"negate": false,
@ -300,23 +289,23 @@
"matchCriteriaId": "4BFBA83C-C03A-4C5E-ACBC-8BEC41B901F7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56A62D9-6FE7-4062-9D83-75BFE14A0E83"
"criteria": "cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CAF1D0-9EC6-4959-973C-6C37E3B2E6E0"
}
]
},
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
@ -502,23 +491,23 @@
"matchCriteriaId": "C56FE165-AFA7-4E47-9BB3-3326086D5C45"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA0180-8172-4021-AADF-7BAB1CA1BA96"
"criteria": "cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56A62D9-6FE7-4062-9D83-75BFE14A0E83"
}
]
},
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
@ -704,6 +693,17 @@
"matchCriteriaId": "60D7B24F-0075-4362-9F07-A0C55F07FA9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA0180-8172-4021-AADF-7BAB1CA1BA96"
}
]
}
]
}
@ -720,6 +720,8 @@
"url": "https://www.ic3.gov/Media/News/2021/211117-2.pdf",
"source": "cret@cert.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
]

4
CVE-2021/CVE-2021-337xx/CVE-2021-33766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33766",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-14T18:15:10.380",
"lastModified": "2023-12-28T23:15:20.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:45:35.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-01-18",
"cisaActionDue": "2022-02-01",

29
CVE-2021/CVE-2021-369xx/CVE-2021-36934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36934",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-22T07:15:11.013",
"lastModified": "2023-12-28T23:15:43.247",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:48:35.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-10",
"cisaActionDue": "2022-02-24",
@ -109,28 +109,33 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2C378B-1507-4C81-82F6-9F599616845A"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2114",
"matchCriteriaId": "F8D40D82-1D88-4CF1-B961-F9F28426C56B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE4278F-71A7-43E9-8F79-1CBFAE71D730"
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.18363.1734",
"matchCriteriaId": "3DD2BDE6-67C6-48E2-BED0-12E4CC7EE6BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1165",
"matchCriteriaId": "70336A6A-DE45-4604-BE81-10DA4DF12D3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1165",
"matchCriteriaId": "7AB7321A-1F89-48B3-8E5A-94791AB2BC86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19043.1165",
"matchCriteriaId": "2A860F2B-0533-46F7-879E-B932E4E44F0D"
}
]
}

91
CVE-2021/CVE-2021-404xx/CVE-2021-40438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-40438",
"sourceIdentifier": "security@apache.org",
"published": "2021-09-16T15:15:07.633",
"lastModified": "2023-11-07T03:38:35.113",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:08:07.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-01",
"cisaActionDue": "2021-12-15",
@ -172,6 +172,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2748912-FC54-47F6-8C0C-B96784765B8E"
}
]
}
@ -257,10 +262,27 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:ruggedcom_nms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "414A7F48-EFA5-4D86-9F8D-5A179A6CFC39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D09241FF-5652-4020-A626-D604134D5020"
"versionEndExcluding": "1.0.3",
"matchCriteriaId": "BEF5E6CF-BBA5-4CCF-ACB1-BEF8D2C372B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1",
"matchCriteriaId": "98CC9C9A-FE14-4D50-A8EC-C309229356C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D889831F-64D0-428A-A26C-71152C3B9974"
},
{
"vulnerable": true,
@ -270,6 +292,22 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.19.1",
"matchCriteriaId": "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356"
}
]
}
]
}
],
"references": [
@ -290,31 +328,52 @@
},
{
"url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
@ -326,11 +385,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -350,6 +415,7 @@
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -357,6 +423,7 @@
"url": "https://www.debian.org/security/2021/dsa-4982",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},

70
CVE-2021/CVE-2021-404xx/CVE-2021-40449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-40449",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-10-13T01:15:09.703",
"lastModified": "2023-08-08T14:21:49.707",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:07:46.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-17",
"cisaActionDue": "2021-12-01",
@ -109,44 +109,57 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.19086",
"matchCriteriaId": "1BA46972-5882-48F6-B686-AEAA16D5BC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2C378B-1507-4C81-82F6-9F599616845A"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.4704",
"matchCriteriaId": "C72A940A-A2DC-4FA3-BCF2-7CD46E3B2150"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE4278F-71A7-43E9-8F79-1CBFAE71D730"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2237",
"matchCriteriaId": "D03564D3-788A-4BD7-B717-B3681515A5BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.18363.1854",
"matchCriteriaId": "2DFF53D4-2910-4A58-81DF-6DDC01D2C523"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1288",
"matchCriteriaId": "C995398E-B786-4AC7-B6D4-790ED8C68F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1288",
"matchCriteriaId": "E2B1C8C4-E5E9-4B3E-8F01-618067D20EB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1288",
"matchCriteriaId": "B358BCA6-EF44-4378-B94B-F4BDD62FAF8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3017B3C-995F-4C9E-99C6-36714A8370BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.258",
"matchCriteriaId": "2FF279C0-02C7-4D60-85E8-9FB89492D738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
@ -164,8 +177,9 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAF6DBA-6E3A-4854-BFBF-B5DC36CE5929"
"criteria": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1288",
"matchCriteriaId": "486E7F23-6A3B-46AA-9F31-91EDF933B36A"
},
{
"vulnerable": true,
@ -189,23 +203,27 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.4704",
"matchCriteriaId": "423A4CEB-CEE8-437C-BCC5-72310FC14E0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82"
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2237",
"matchCriteriaId": "A555704D-BB77-46A3-A0F9-62409FCC5F40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.288",
"matchCriteriaId": "6E5F3F99-530D-4065-9133-9C251F89B406"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1288",
"matchCriteriaId": "224FA1B7-84EF-435F-BBFA-33BD39C32595"
}
]
}

83
CVE-2021/CVE-2021-413xx/CVE-2021-41379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-41379",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-11-10T01:19:32.127",
"lastModified": "2023-12-28T16:15:54.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:21:53.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",
@ -109,48 +109,51 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.19119",
"matchCriteriaId": "E7381CEE-C228-4102-9100-74C62FA4D08E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2C378B-1507-4C81-82F6-9F599616845A"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.4770",
"matchCriteriaId": "8BE18653-8F06-460B-A578-D64EF07B2B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE4278F-71A7-43E9-8F79-1CBFAE71D730"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2300",
"matchCriteriaId": "FB622AC7-02E1-453E-BB28-6B7D3121AF93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.18363.1916",
"matchCriteriaId": "DB1771D2-B811-4D2D-A83E-EF555C8443DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1348",
"matchCriteriaId": "7937C0C0-9057-4F16-BA0F-73978FA220D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1348",
"matchCriteriaId": "CE3F0C5F-AFCE-4D84-A53E-BB580965B486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19043.1348",
"matchCriteriaId": "B988CA67-88EA-41C3-B338-11FCD5F405DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B9F64296-66BF-4F1D-A11C-0C44C347E2AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5D7F7DDB-440E-42CD-82F4-B2C13F3CC462"
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.318",
"matchCriteriaId": "193B0B19-6DD7-4DF3-B133-D66B27C34E9C"
},
{
"vulnerable": true,
@ -167,6 +170,12 @@
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.1348",
"matchCriteriaId": "4CC5D95F-2823-475A-A466-1A4A5B328E88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
@ -189,28 +198,27 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.4770",
"matchCriteriaId": "572BDEFC-D3E8-4FF0-B91E-D21F42D2B82D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A190388-AA82-4504-9D5A-624F23268C9F"
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2300",
"matchCriteriaId": "74A5AF5D-C59C-4093-A4C0-3BE230E7637F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82"
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.350",
"matchCriteriaId": "B662E504-15E6-4D85-8463-BBE9435790CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1348",
"matchCriteriaId": "81674128-32B2-4825-8E69-6047DB81134C"
}
]
}
@ -230,7 +238,8 @@
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1308/",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
}
]

12
CVE-2021/CVE-2021-422xx/CVE-2021-42292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-42292",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-11-10T01:19:47.007",
"lastModified": "2023-12-28T16:15:57.467",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:07:29.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-17",
"cisaActionDue": "2021-12-01",
@ -114,8 +114,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F564117D-450D-45C4-9688-AF35F630A8A7"
"criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "BF89FEC4-936E-4226-94F9-2BD0CB0CA09F"
},
{
"vulnerable": true,
@ -124,8 +124,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "120690A6-E0A1-4E36-A35A-C87109ECC064"
"criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "552E1557-D6FA-45DD-9B52-E13ACDBB8A62"
},
{
"vulnerable": true,

4
CVE-2021/CVE-2021-423xx/CVE-2021-42321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-42321",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-11-10T01:19:50.047",
"lastModified": "2023-12-28T16:16:00.120",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:07:18.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-17",
"cisaActionDue": "2021-12-01",

114
CVE-2021/CVE-2021-438xx/CVE-2021-43890.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-43890",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-12-15T15:15:11.207",
"lastModified": "2024-05-29T15:15:50.500",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T16:52:54.103",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-15",
"cisaActionDue": "2021-12-29",
@ -109,17 +109,64 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "084984D5-D241-497B-B118-50C6C1EAD468"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "BA592626-F17C-4F46-823B-0947D102BBD2"
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:app_installer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16",
"matchCriteriaId": "F5F1F637-0D18-4CBE-A56B-DEA530ACC1B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A363CE8F-F399-4B6E-9E7D-349792F95DDB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1B570A8-ED1A-46B6-B8AB-064445F8FC4C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_2004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DBE5B2-AE10-4251-BCDA-DC5EDEE6EE67"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AFD13A6-A390-4400-9029-2F4058CA17E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FED4C9-B680-4F44-ADC0-AC43D6B5F184"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
@ -127,7 +174,29 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:app_installer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F08CBD8F-D993-4175-A2FF-0A0C37F7AFD0"
"versionEndExcluding": "1.11",
"matchCriteriaId": "62B0A730-2442-4C85-8CFA-098D4DADFF8C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
}
]
}
@ -137,7 +206,10 @@
"references": [
{
"url": "https://github.com/ChrisTitusTech/winutil/pull/26",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43890",
@ -149,15 +221,27 @@
},
{
"url": "https://thehackernews.com/2023/12/microsoft-disables-msix-app-installer.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
]
},
{
"url": "https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-malware-attacks/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
]
},
{
"url": "https://www.microsoft.com/en-us/security/blog/2023/12/28/financially-motivated-threat-actors-misusing-app-installer/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2021/CVE-2021-442xx/CVE-2021-44228.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44228",
"sourceIdentifier": "security@apache.org",
"published": "2021-12-10T10:15:09.143",
"lastModified": "2023-11-07T03:39:36.897",
"vulnStatus": "Modified",
"lastModified": "2024-07-24T17:08:24.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-12-10",
"cisaActionDue": "2021-12-24",
@ -158,9 +158,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261"
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA"
}
]
},
@ -169,9 +169,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA"
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261"
}
]
}
@ -2346,6 +2346,22 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.3",
"matchCriteriaId": "E0755E91-2F36-4EC3-8727-E8BF0427E663"
}
]
}
]
}
],
"references": [
@ -2427,6 +2443,7 @@
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html",
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -2435,6 +2452,7 @@
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html",
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -2443,6 +2461,7 @@
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html",
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -2451,6 +2470,7 @@
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html",
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -2474,7 +2494,11 @@
},
{
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/2",
@ -2598,6 +2622,7 @@
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md",
"source": "security@apache.org",
"tags": [
"Broken Link",
"Product",
"US Government Resource"
]
@ -2620,11 +2645,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://logging.apache.org/log4j/2.x/security.html",
@ -2654,7 +2685,7 @@
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
"Third Party Advisory"
]
},
{
@ -2671,17 +2702,11 @@
"Third Party Advisory"
]
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd",
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://twitter.com/kurtseifried/status/1469345530182455296",
"source": "security@apache.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]
@ -2697,6 +2722,7 @@
"url": "https://www.debian.org/security/2021/dsa-5020",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},

104
CVE-2022/CVE-2022-218xx/CVE-2022-21882.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-21882",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-01-11T21:15:11.507",
"lastModified": "2023-12-21T01:15:21.003",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:48:20.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-04",
"cisaActionDue": "2022-02-18",
@ -109,103 +109,57 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*",
"matchCriteriaId": "610B33F9-0309-4CF7-B7E4-5152D9B2FFE4"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2452",
"matchCriteriaId": "86E8ADB6-8720-454D-AAFE-C5B4C65EB462"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*",
"matchCriteriaId": "21074553-EDF2-468D-8E79-C39851B5BC79"
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.18363.2037",
"matchCriteriaId": "2358BDB5-DB2B-4A60-A9F2-06F2CB0628EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*",
"matchCriteriaId": "4E62F9CB-D1B6-4B4D-BCCD-7F4D36A73B4D"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1466",
"matchCriteriaId": "EE8DAF46-1702-46D1-AAF3-CEFA567953D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*",
"matchCriteriaId": "49A4BBDA-0389-4171-AA49-6837F7DF4454"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19043.1466",
"matchCriteriaId": "9D4CB80E-5C0A-430C-9F56-9295EBBFD9C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*",
"matchCriteriaId": "F8C238FA-B20F-40A5-B861-A8295858F4BE"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.1466",
"matchCriteriaId": "38105E41-F04D-444B-A9F7-51E94726E1E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*",
"matchCriteriaId": "56513BCA-A9F5-4112-BDE6-77E9B8D2677E"
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.434",
"matchCriteriaId": "7048A3C3-6FB5-46FA-A709-4A51362E84B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*",
"matchCriteriaId": "665EA912-D724-41EB-86A9-24EB4FE87B54"
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.2452",
"matchCriteriaId": "5B6FDB29-C2F4-44FB-8703-962E4FC7E842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*",
"matchCriteriaId": "77E07B96-EAAA-4DD6-9172-0DE98A36726F"
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.469",
"matchCriteriaId": "E428440E-270F-40D6-872E-C5EA389860DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*",
"matchCriteriaId": "B846A736-E77C-4665-B28B-4E511880D575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*",
"matchCriteriaId": "925B8C67-C96F-4A4D-9BE7-CCCD78EF3C31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CF580BA-6938-40F6-9D86-F43044A6BACA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*",
"matchCriteriaId": "C5E038AA-514F-48AC-B45E-859EE32525B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*",
"matchCriteriaId": "31622391-A67E-4E2A-A855-1316B6E38630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*",
"matchCriteriaId": "61F0792D-7587-4297-8EE7-D4DC3A30EE84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*",
"matchCriteriaId": "7649042B-4430-4BD9-B82F-984A2831A651"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B9F64296-66BF-4F1D-A11C-0C44C347E2AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5D7F7DDB-440E-42CD-82F4-B2C13F3CC462"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAF6DBA-6E3A-4854-BFBF-B5DC36CE5929"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "BE257836-4F4D-4352-8293-B9CAD34F8794"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.1466",
"matchCriteriaId": "D0EE46D4-66CC-4A17-9847-DCFB4B15D40E"
}
]
}

14
CVE-2022/CVE-2022-231xx/CVE-2022-23134.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23134",
"sourceIdentifier": "security@zabbix.com",
"published": "2022-01-13T16:15:08.227",
"lastModified": "2023-11-07T03:44:04.983",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:19:41.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-02-22",
"cisaActionDue": "2022-03-08",
@ -215,11 +215,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/",
"source": "security@zabbix.com"
"source": "security@zabbix.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/",
"source": "security@zabbix.com"
"source": "security@zabbix.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.zabbix.com/browse/ZBX-20384",

82
CVE-2022/CVE-2022-488xx/CVE-2022-48846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48846",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T13:15:11.883",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T17:56:26.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: liberar estructuras rq qos para cola sin disco blkcg_init_queue() puede agregar estructuras rq qos para solicitar cola, previamente blk_cleanup_queue() llama a rq_qos_exit() para liberarlas, pero commit 8e141f9eb803 ( \"bloque: drenar la E/S del sistema de archivos en del_gendisk\") mueve rq_qos_exit() a del_gendisk(), por lo que la p\u00e9rdida de memoria se debe a que es posible que las colas no tengan disco, como los luns scsi no presentes, la cola de administraci\u00f3n de nvme, ... solucione el problema agregando rq_qos_exit() a blk_cleanup_queue() nuevamente. Por cierto, v5.18 ya no necesitar\u00e1 este parche ya que movemos blkcg_init_queue()/blkcg_exit_queue() al controlador de asignaci\u00f3n/liberaci\u00f3n de disco, y los parches han estado en for-5.18/block."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.31",
"matchCriteriaId": "6C0FC864-77A5-46FD-A8AB-1D4AB43DFFD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.17",
"matchCriteriaId": "DC9A634D-C617-4F8C-ADEF-AF94CE69D687"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/60c2c8e2ef3a3ec79de8cbc80a06ca0c21df8c29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d4ad8736ac982111bb0be8306bf19c8207f6600e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/daaca3522a8e67c46e39ef09c1d542e866f85f3b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2022/CVE-2022-488xx/CVE-2022-48847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48847",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T13:15:11.950",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T17:34:26.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: watch_queue: corrige la verificaci\u00f3n del l\u00edmite del filtro En watch_queue_set_filter(), hay un par de lugares donde verificamos que el valor del tipo de filtro no exceda lo que puede contener el mapa de bits type_filter. Un lugar calcula el n\u00famero de bits mediante: if (tf[i].type >= sizeof(wfilter->type_filter) * 8) lo cual est\u00e1 bien, pero el segundo s\u00ed: if (tf[i].type >= sizeof( wfilter->type_filter) * BITS_PER_LONG) que no lo es. Esto puede provocar un par de escrituras fuera de los l\u00edmites debido a un tipo demasiado grande: (1) __set_bit() en wfilter->type_filter (2) Escribir m\u00e1s elementos en wfilter->filters[] de los que asignamos. Solucione este problema simplemente usando el WATCH_TYPE__NR adecuado, que es la cantidad de tipos que realmente conocemos. El error puede provocar un error parecido a: ERROR: KASAN: slab-out-of-bounds in watch_queue_set_filter+0x659/0x740 Escritura de tama\u00f1o 4 en la direcci\u00f3n ffff88800d2c66bc mediante la tarea watch_queue_oob/611... Seguimiento de llamadas: dump_stack_lvl+ 0x45/0x59 print_address_description.constprop.0+0x1f/0x150 ... kasan_report.cold+0x7f/0x11b ... watch_queue_set_filter+0x659/0x740 ... __x64_sys_ioctl+0x127/0x190 do_syscall_64+0x43/0x90 entrada_ SYSCALL_64_after_hwframe+0x44/0xae Asignado por tarea 611: kasan_save_stack+0x1e/0x40 __kasan_kmalloc+0x81/0xa0 watch_queue_set_filter+0x23a/0x740 __x64_sys_ioctl+0x127/0x190 do_syscall_64+0x43/0x90 Entry_SYSCALL_64_after_hwframe+0x 44/0xae La direcci\u00f3n con errores pertenece al objeto en ffff88800d2c66a0 que pertenece al cach\u00e9 kmalloc-32 de tama\u00f1o 32 La direcci\u00f3n con errores se encuentra a 28 bytes dentro de la regi\u00f3n de 32 bytes [ffff88800d2c66a0, ffff88800d2c66c0)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.106",
"matchCriteriaId": "FFACA37D-D2EA-44A7-8ED6-E58EE2222AFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.29",
"matchCriteriaId": "15DC6588-B28F-4637-9A1E-3753B34A40CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.15",
"matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1b09f28f70a5046acd64138075ae3f095238b045",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/648895da69ced90ca770fd941c3d9479a9d72c16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b36588ebbcef74583824c08352e75838d6fb4ff2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c993ee0f9f81caf5767a50d1faeba39a0dc82af2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2022/CVE-2022-488xx/CVE-2022-48848.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48848",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T13:15:12.023",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:43:54.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: rastreo/osnoise: no cancelar el registro de eventos dos veces Nicolas inform\u00f3 que al usar: # trace-cmd record -e all -M 10 -p osnoise --poll result\u00f3 en la siguiente advertencia del kernel: ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 0 PID: 1217 en kernel/tracepoint.c:404 tracepoint_probe_unregister+0x280/0x370 [ ...] CPU: 0 PID: 1217 Comm: Trace-CMD No contaminado 5.17.0-RC6-Next-20220307-Nico+ #19 RIP: 0010: TRACEPOINT_PROBE_UNREGister+ 0x280/0x370 [...] CR2: 00007ff919b29497 CR3: 00000001099DA4005 CR4: 0000000000170ef0 Seguimiento de llamadas: osnoise_workload_stop+0x36/0x90 tracing_set_tracer+0x108/0x260 tracing_set_trace_write+0x94/0xd0 ? __check_object_size.part.0+0x10a/0x150 ? selinux_file_permission+0x104/0x150 vfs_write+0xb5/0x290 ksys_write+0x5f/0xe0 do_syscall_64+0x3b/0x90 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7ff919a18127 [...] ---[ final de seguimiento 0000000000000000 ]--- La advertencia se queja de un intento de cancelar el registro de un punto de seguimiento no registrado. Esto sucede en trace-cmd porque primero detiene el rastreo y luego cambia el rastreador a nop. Lo que equivale a: # cd /sys/kernel/tracing/ # echo osnoise > current_tracer # echo 0 > tracing_on # echo nop > current_tracer El rastreador osnoise detiene la carga de trabajo cuando ninguna instancia de seguimiento est\u00e1 recopilando datos. Esto puede deberse tanto a la desactivaci\u00f3n del rastreo como a la desactivaci\u00f3n del propio rastreador. Para evitar cancelar el registro de eventos dos veces, use la variable trace_osnoise_callback_enabled existente para verificar si los eventos (y la carga de trabajo) est\u00e1n realmente activos antes de intentar desactivarlos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.15",
"matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4e10787d18379d9b296290c2288097feddef16d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0cfe17bcc1dd2f0872966b554a148e888833ee9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

10
CVE-2023/CVE-2023-339xx/CVE-2023-33951.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33951",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:11.820",
"lastModified": "2024-03-19T23:15:07.173",
"lastModified": "2024-07-24T16:15:05.013",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -155,6 +155,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1404",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4823",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4831",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-33951",
"source": "secalert@redhat.com",

10
CVE-2023/CVE-2023-339xx/CVE-2023-33952.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33952",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:11.893",
"lastModified": "2024-03-19T23:15:07.350",
"lastModified": "2024-07-24T16:15:05.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -151,6 +151,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1404",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4823",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4831",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-33952",
"source": "secalert@redhat.com",

4
CVE-2023/CVE-2023-452xx/CVE-2023-45249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45249",
"sourceIdentifier": "security@acronis.com",
"published": "2024-07-24T14:15:04.867",
"lastModified": "2024-07-24T14:15:04.867",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

10
CVE-2023/CVE-2023-56xx/CVE-2023-5633.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5633",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-23T22:15:09.430",
"lastModified": "2024-03-19T23:15:07.477",
"lastModified": "2024-07-24T16:15:05.527",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -161,6 +161,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1404",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4823",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4831",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5633",
"source": "secalert@redhat.com",

10
CVE-2024/CVE-2024-11xx/CVE-2024-1151.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1151",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-11T15:15:07.890",
"lastModified": "2024-06-25T23:15:23.590",
"lastModified": "2024-07-24T16:15:05.793",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,14 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:4823",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4831",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1151",
"source": "secalert@redhat.com"

4
CVE-2024/CVE-2024-224xx/CVE-2024-22443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22443",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-07-24T15:15:11.370",
"lastModified": "2024-07-24T15:15:11.370",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

44
CVE-2024/CVE-2024-224xx/CVE-2024-22444.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-22444",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-07-24T16:15:06.220",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victims browser in the context of the affected interface."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}

25
CVE-2024/CVE-2024-319xx/CVE-2024-31970.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-31970",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T16:15:06.600",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with root-level privileges. An attacker can exploit this window to gain unauthorized root access by either modifying the existing admin account or creating a new account with equivalent privileges. This vulnerability allows attackers to execute arbitrary commands."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31970",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/actuator/cve/blob/main/AdTran/SRG-834-5",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-319xx/CVE-2024-31971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31971",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T15:15:11.800",
"lastModified": "2024-07-24T15:15:11.800",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-319xx/CVE-2024-31977.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31977",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T15:15:11.863",
"lastModified": "2024-07-24T15:15:11.863",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-365xx/CVE-2024-36539.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-36539",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T17:15:10.767",
"lastModified": "2024-07-24T17:15:10.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/HouqiyuA/c92f9ec979653dceeea947afd0b47a80",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-365xx/CVE-2024-36540.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-36540",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T17:15:10.827",
"lastModified": "2024-07-24T17:15:10.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/HouqiyuA/a4834f3c8450f9d89e2bc4d5c4beef6a",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-365xx/CVE-2024-36541.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-36541",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T16:15:06.870",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-373xx/CVE-2024-37386.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-37386",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-15T19:15:03.430",
"lastModified": "2024-07-16T13:43:58.773",
"lastModified": "2024-07-24T16:15:06.970",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.1."
"value": "An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.2."
},
{
"lang": "es",

6
CVE-2024/CVE-2024-385xx/CVE-2024-38526.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38526",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-26T00:15:10.703",
"lastModified": "2024-06-26T12:44:29.693",
"lastModified": "2024-07-24T17:15:10.910",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -51,6 +51,10 @@
{
"url": "https://sansec.io/research/polyfill-supply-chain-attack",
"source": "security-advisories@github.com"
},
{
"url": "https://www.vicarius.io/vsociety/posts/polyfillio-in-pdoc-cve-2024-38526",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-38xx/CVE-2024-3896.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3896",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T13:15:10.453",
"lastModified": "2024-07-24T13:15:10.453",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-393xx/CVE-2024-39345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39345",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T15:15:12.360",
"lastModified": "2024-07-24T15:15:12.360",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

29
CVE-2024/CVE-2024-404xx/CVE-2024-40422.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-40422",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T16:15:07.087",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/alpernae/CVE-2024-40422",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/stitionai/devika",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/stitionai/devika/pull/619",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-405xx/CVE-2024-40575.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-40575",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T16:15:07.150",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Huawei Technologies opengauss (openGauss 5.0.0 build) v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes"
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/RuiHuaLiu2023/92059b0fa6c625e3d39001c5a9b2dc71",
"source": "cve@mitre.org"
},
{
"url": "https://opengauss.org",
"source": "cve@mitre.org"
}
]
}

108
CVE-2024/CVE-2024-411xx/CVE-2024-41110.json Normal file
View File

@ -0,0 +1,108 @@
{
"id": "CVE-2024-41110",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-24T17:15:11.053",
"lastModified": "2024-07-24T17:15:11.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low.\n\nUsing a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it.\n\nA security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted.\n\nDocker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable.\n\ndocker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.0, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-187"
},
{
"lang": "en",
"value": "CWE-444"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq",
"source": "security-advisories@github.com"
},
{
"url": "https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-416xx/CVE-2024-41662.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-41662",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-24T17:15:11.310",
"lastModified": "2024-07-24T17:15:11.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which remote code execution can be achieved. A patch for this issue is available at commit f1af78573a0ef51d6ef6a0bc4080cddc8f30a545. Other mitigation strategies include implementing rigorous input sanitization for all Markdown content and utilizing a secure Markdown parser that appropriately escapes or strips potentially dangerous content."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/vnotex/vnote/commit/f1af78573a0ef51d6ef6a0bc4080cddc8f30a545",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vnotex/vnote/security/advisories/GHSA-w655-h68w-vxxc",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-419xx/CVE-2024-41914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41914",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-07-24T15:15:12.437",
"lastModified": "2024-07-24T15:15:12.437",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

76
CVE-2024/CVE-2024-46xx/CVE-2024-4608.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4608",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:12.953",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:59:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,22 +59,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artbees:sellkit:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "A81904B7-DC36-46FF-A456-15AE051499AB"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/sellkit/trunk/includes/elementor/modules/optin/fields/acceptance.php#L31",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/sellkit/trunk/includes/elementor/modules/optin/fields/field-base.php#L304",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/sellkit/trunk/includes/elementor/modules/optin/widgets/optin.php#L48",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9fbb31a5-9ed2-445a-b309-a9835128eb44?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-47xx/CVE-2024-4707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4707",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:13.213",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:59:29.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,18 +59,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:extendthemes:materialis_companion:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.42",
"matchCriteriaId": "756794DB-0668-4C6D-AC2A-9A0873861323"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/materialis-companion/trunk/theme-data/materialis/functions.php#L90",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3097691%40materialis-companion&new=3097691%40materialis-companion&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ca4dff0-ca3a-44cf-a30b-36b31d2848ab?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-51xx/CVE-2024-5141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5141",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:13.467",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:58:54.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,14 +59,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martintod:rotating_tweets:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.10",
"matchCriteriaId": "248D59F8-5F00-44ED-AAEA-BE8C596053C4"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/rotatingtweets/tags/1.9.10/rotatingtweets.php#L2267",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/02cff893-4f41-4bb0-9fb0-344a3a8afa0b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-51xx/CVE-2024-5152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5152",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:13.720",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:58:12.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,14 +59,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quomodosoft:elementsready:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.2.0",
"matchCriteriaId": "C03C52A1-929C-40BA-81D1-98B77C7EAFCE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/element-ready-lite/trunk/inc/Widgets/info_box/Element_Ready_Info_Box_Widget.php#L742",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2cffdc3-bd74-42ab-befd-8a396c5d990d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-51xx/CVE-2024-5153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5153",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:13.950",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:56:55.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
@ -39,14 +59,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:web-shop-host:startklar_elmentor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.15",
"matchCriteriaId": "789B45D4-F092-416D-B168-75983627FC2E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/startklar-elmentor-forms-extwidgets/trunk/widgets/dropzone_form_field.php#L334",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baa20290-9c01-4f8d-adeb-fbfb15b9d6a9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-51xx/CVE-2024-5161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5161",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:14.217",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:54:42.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,18 +59,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpthemespace:magical_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.40",
"matchCriteriaId": "654739CB-C2F5-40A7-A492-9D70AFB5B6B8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/magical-addons-for-elementor/trunk/includes/widgets/advance-skill-bars.php#L502",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3098054%40magical-addons-for-elementor&new=3098054%40magical-addons-for-elementor&sfp_email=&sfph_mail=#file9",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cb64952e-170e-47c5-87fd-d2ec60192b65?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-51xx/CVE-2024-5162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5162",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:14.463",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:53:33.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -39,14 +59,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:master-addons:prettyphoto:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.3",
"matchCriteriaId": "3F69CFB7-7101-4E1F-8C76-5720791BD533"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/prettyphoto/trunk/addon/jltma-wpf-addon.php#L96",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c581616d-c9e7-46f2-9c2f-5e082a13fd0b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-53xx/CVE-2024-5324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5324",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T02:15:54.890",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:42:49.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,18 +39,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:login\\/signup_popup:2.7.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "463688D0-AC8A-428E-8073-4BFBB480242E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:login\\/signup_popup:2.7.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4FF28D92-2AA6-4CB1-BC92-9A9E849A111A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:otp_login_woocommerce_\\&_gravity_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.2",
"matchCriteriaId": "67F08207-88C3-4853-A9D7-276CFFCFA841"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:side_cart_woocommerce:2.5:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0040784F-7863-41D5-84DA-04A2DBA96D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:waitlist_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.1",
"matchCriteriaId": "A719E0CB-3CD0-42EF-BCB3-73C6B2C6396B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3093994/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-54xx/CVE-2024-5449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5449",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T04:15:14.720",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-24T17:47:44.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,7 +18,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -36,21 +36,80 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wppool:wp_dark_mode:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.0.5",
"matchCriteriaId": "03740D66-8A01-45D6-9ECD-E2ABCA5203AE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-dark-mode/trunk/includes/modules/social-share/class-social-share.php#L581",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3096290/wp-dark-mode/trunk?contextall=1&old=3073245&old_path=%2Fwp-dark-mode%2Ftrunk",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7d20733-d61b-4b2f-8597-528644f0bc26?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-58xx/CVE-2024-5818.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5818",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T13:15:10.680",
"lastModified": "2024-07-24T13:15:10.680",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-60xx/CVE-2024-6096.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6096",
"sourceIdentifier": "security@progress.com",
"published": "2024-07-24T14:15:06.070",
"lastModified": "2024-07-24T14:15:06.070",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-63xx/CVE-2024-6327.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6327",
"sourceIdentifier": "security@progress.com",
"published": "2024-07-24T14:15:06.283",
"lastModified": "2024-07-24T14:15:06.283",
"vulnStatus": "Received",
"lastModified": "2024-07-24T17:12:32.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-69xx/CVE-2024-6900.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6900",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-19T07:15:02.083",
"lastModified": "2024-07-19T19:54:20.537",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:55:06.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file edit_emp.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271925 was assigned to this vulnerability."
},
{
"lang": "es",
"value": " Se encontr\u00f3 una vulnerabilidad en SourceCodester Record Management System 1.0. Ha sido calificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo edit_emp.php. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-271925."
}
],
"metrics": {
@ -145,8 +149,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jkev:record_managment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1D0389-96B4-43AE-B089-19085B91C0E9"
"criteria": "cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "457BEE12-29ED-48B8-8C96-E181F0E80B56"
}
]
}
@ -166,21 +170,24 @@
"url": "https://vuldb.com/?ctiid.271925",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.271925",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.375193",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
}
]

21
CVE-2024/CVE-2024-69xx/CVE-2024-6901.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6901",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-19T07:15:02.757",
"lastModified": "2024-07-19T19:55:00.210",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T16:55:57.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Record Management System 1.0. Affected is an unknown function of the file entry.php. The manipulation of the argument school leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-271926 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en SourceCodester Record Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo Entry.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento school conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-271926 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
@ -145,8 +149,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jkev:record_managment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1D0389-96B4-43AE-B089-19085B91C0E9"
"criteria": "cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "457BEE12-29ED-48B8-8C96-E181F0E80B56"
}
]
}
@ -166,21 +170,24 @@
"url": "https://vuldb.com/?ctiid.271926",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.271926",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.375194",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
}
]

Some files were not shown because too many files have changed in this diff Show More