Skip to content

Commit 69c6048

Browse files
cad-safe-botcad-safe-bot
committed
Auto-Update: 2025-03-18T23:00:20.538864+00:00
1 parent f047872 commit 69c6048

File tree

46 files changed

+1548
-318
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

46 files changed

+1548
-318
lines changed

CVE-2018/CVE-2018-94xx/CVE-2018-9461.json

Lines changed: 37 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"id": "CVE-2018-9461",
33
"sourceIdentifier": "[email protected]",
44
"published": "2025-01-18T00:15:25.043",
5-
"lastModified": "2025-02-18T21:15:13.473",
5+
"lastModified": "2025-03-18T21:15:22.917",
66
"vulnStatus": "Awaiting Analysis",
77
"cveTags": [],
88
"descriptions": [
@@ -15,7 +15,42 @@
1515
"value": "En onAttachFragment de ShareIntentActivity.java, existe una forma posible de que una aplicaci\u00f3n lea archivos en la aplicaci\u00f3n de mensajes debido a una condici\u00f3n ejecuci\u00f3n. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
1616
}
1717
],
18-
"metrics": {},
18+
"metrics": {
19+
"cvssMetricV31": [
20+
{
21+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
22+
"type": "Secondary",
23+
"cvssData": {
24+
"version": "3.1",
25+
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
26+
"baseScore": 7.0,
27+
"baseSeverity": "HIGH",
28+
"attackVector": "LOCAL",
29+
"attackComplexity": "HIGH",
30+
"privilegesRequired": "LOW",
31+
"userInteraction": "NONE",
32+
"scope": "UNCHANGED",
33+
"confidentialityImpact": "HIGH",
34+
"integrityImpact": "HIGH",
35+
"availabilityImpact": "HIGH"
36+
},
37+
"exploitabilityScore": 1.0,
38+
"impactScore": 5.9
39+
}
40+
]
41+
},
42+
"weaknesses": [
43+
{
44+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
45+
"type": "Secondary",
46+
"description": [
47+
{
48+
"lang": "en",
49+
"value": "CWE-362"
50+
}
51+
]
52+
}
53+
],
1954
"references": [
2055
{
2156
"url": "https://source.android.com/security/bulletin/pixel/2018-08-01",

CVE-2022/CVE-2022-238xx/CVE-2022-23815.json

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,8 @@
22
"id": "CVE-2022-23815",
33
"sourceIdentifier": "[email protected]",
44
"published": "2024-08-13T17:15:18.197",
5-
"lastModified": "2025-01-03T18:04:08.963",
6-
"vulnStatus": "Analyzed",
5+
"lastModified": "2025-03-18T21:15:23.087",
6+
"vulnStatus": "Modified",
77
"cveTags": [],
88
"descriptions": [
99
{
@@ -69,6 +69,16 @@
6969
"value": "CWE-787"
7070
}
7171
]
72+
},
73+
{
74+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
75+
"type": "Secondary",
76+
"description": [
77+
{
78+
"lang": "en",
79+
"value": "CWE-787"
80+
}
81+
]
7282
}
7383
],
7484
"configurations": [

CVE-2023/CVE-2023-370xx/CVE-2023-37036.json

Lines changed: 31 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"id": "CVE-2023-37036",
33
"sourceIdentifier": "[email protected]",
44
"published": "2025-01-21T23:15:10.970",
5-
"lastModified": "2025-02-18T21:15:18.833",
5+
"lastModified": "2025-03-18T21:15:23.263",
66
"vulnStatus": "Modified",
77
"cveTags": [],
88
"descriptions": [
@@ -36,6 +36,26 @@
3636
},
3737
"exploitabilityScore": 2.8,
3838
"impactScore": 3.6
39+
},
40+
{
41+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
42+
"type": "Secondary",
43+
"cvssData": {
44+
"version": "3.1",
45+
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
46+
"baseScore": 6.5,
47+
"baseSeverity": "MEDIUM",
48+
"attackVector": "ADJACENT_NETWORK",
49+
"attackComplexity": "LOW",
50+
"privilegesRequired": "NONE",
51+
"userInteraction": "NONE",
52+
"scope": "UNCHANGED",
53+
"confidentialityImpact": "NONE",
54+
"integrityImpact": "NONE",
55+
"availabilityImpact": "HIGH"
56+
},
57+
"exploitabilityScore": 2.8,
58+
"impactScore": 3.6
3959
}
4060
]
4161
},
@@ -49,6 +69,16 @@
4969
"value": "CWE-476"
5070
}
5171
]
72+
},
73+
{
74+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
75+
"type": "Secondary",
76+
"description": [
77+
{
78+
"lang": "en",
79+
"value": "CWE-476"
80+
}
81+
]
5282
}
5383
],
5484
"configurations": [

CVE-2023/CVE-2023-523xx/CVE-2023-52379.json

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,8 @@
22
"id": "CVE-2023-52379",
33
"sourceIdentifier": "[email protected]",
44
"published": "2024-02-18T07:15:09.070",
5-
"lastModified": "2025-03-13T14:50:11.897",
6-
"vulnStatus": "Analyzed",
5+
"lastModified": "2025-03-18T21:15:23.413",
6+
"vulnStatus": "Modified",
77
"cveTags": [],
88
"descriptions": [
99
{
@@ -49,6 +49,16 @@
4949
"value": "NVD-CWE-noinfo"
5050
}
5151
]
52+
},
53+
{
54+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
55+
"type": "Secondary",
56+
"description": [
57+
{
58+
"lang": "en",
59+
"value": "CWE-276"
60+
}
61+
]
5262
}
5363
],
5464
"configurations": [

CVE-2024/CVE-2024-125xx/CVE-2024-12563.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"id": "CVE-2024-12563",
3+
"sourceIdentifier": "[email protected]",
4+
"published": "2025-03-18T21:15:23.590",
5+
"lastModified": "2025-03-18T21:15:23.590",
6+
"vulnStatus": "Received",
7+
"cveTags": [],
8+
"descriptions": [
9+
{
10+
"lang": "en",
11+
"value": "The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution."
12+
}
13+
],
14+
"metrics": {
15+
"cvssMetricV31": [
16+
{
17+
"source": "[email protected]",
18+
"type": "Primary",
19+
"cvssData": {
20+
"version": "3.1",
21+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
22+
"baseScore": 8.8,
23+
"baseSeverity": "HIGH",
24+
"attackVector": "NETWORK",
25+
"attackComplexity": "LOW",
26+
"privilegesRequired": "LOW",
27+
"userInteraction": "NONE",
28+
"scope": "UNCHANGED",
29+
"confidentialityImpact": "HIGH",
30+
"integrityImpact": "HIGH",
31+
"availabilityImpact": "HIGH"
32+
},
33+
"exploitabilityScore": 2.8,
34+
"impactScore": 5.9
35+
}
36+
]
37+
},
38+
"weaknesses": [
39+
{
40+
"source": "[email protected]",
41+
"type": "Primary",
42+
"description": [
43+
{
44+
"lang": "en",
45+
"value": "CWE-98"
46+
}
47+
]
48+
}
49+
],
50+
"references": [
51+
{
52+
"url": "https://s2member.com/changelog/",
53+
"source": "[email protected]"
54+
},
55+
{
56+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3326e9d-504f-444f-baf7-03989594f483?source=cve",
57+
"source": "[email protected]"
58+
}
59+
]
60+
}

CVE-2024/CVE-2024-220xx/CVE-2024-22074.json

Lines changed: 31 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"id": "CVE-2024-22074",
33
"sourceIdentifier": "[email protected]",
44
"published": "2024-06-06T21:15:48.180",
5-
"lastModified": "2024-11-21T08:55:30.200",
5+
"lastModified": "2025-03-18T21:15:23.753",
66
"vulnStatus": "Modified",
77
"cveTags": [],
88
"descriptions": [
@@ -36,6 +36,26 @@
3636
},
3737
"exploitabilityScore": 3.9,
3838
"impactScore": 5.9
39+
},
40+
{
41+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
42+
"type": "Secondary",
43+
"cvssData": {
44+
"version": "3.1",
45+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
46+
"baseScore": 9.8,
47+
"baseSeverity": "CRITICAL",
48+
"attackVector": "NETWORK",
49+
"attackComplexity": "LOW",
50+
"privilegesRequired": "NONE",
51+
"userInteraction": "NONE",
52+
"scope": "UNCHANGED",
53+
"confidentialityImpact": "HIGH",
54+
"integrityImpact": "HIGH",
55+
"availabilityImpact": "HIGH"
56+
},
57+
"exploitabilityScore": 3.9,
58+
"impactScore": 5.9
3959
}
4060
]
4161
},
@@ -49,6 +69,16 @@
4969
"value": "NVD-CWE-noinfo"
5070
}
5171
]
72+
},
73+
{
74+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
75+
"type": "Secondary",
76+
"description": [
77+
{
78+
"lang": "en",
79+
"value": "CWE-284"
80+
}
81+
]
5282
}
5383
],
5484
"configurations": [

CVE-2024/CVE-2024-244xx/CVE-2024-24419.json

Lines changed: 31 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"id": "CVE-2024-24419",
33
"sourceIdentifier": "[email protected]",
44
"published": "2025-01-21T23:15:11.910",
5-
"lastModified": "2025-02-18T21:15:20.623",
5+
"lastModified": "2025-03-18T21:15:23.910",
66
"vulnStatus": "Modified",
77
"cveTags": [],
88
"descriptions": [
@@ -36,6 +36,26 @@
3636
},
3737
"exploitabilityScore": 3.9,
3838
"impactScore": 3.6
39+
},
40+
{
41+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
42+
"type": "Secondary",
43+
"cvssData": {
44+
"version": "3.1",
45+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
46+
"baseScore": 7.5,
47+
"baseSeverity": "HIGH",
48+
"attackVector": "NETWORK",
49+
"attackComplexity": "LOW",
50+
"privilegesRequired": "NONE",
51+
"userInteraction": "NONE",
52+
"scope": "UNCHANGED",
53+
"confidentialityImpact": "NONE",
54+
"integrityImpact": "NONE",
55+
"availabilityImpact": "HIGH"
56+
},
57+
"exploitabilityScore": 3.9,
58+
"impactScore": 3.6
3959
}
4060
]
4161
},
@@ -49,6 +69,16 @@
4969
"value": "CWE-120"
5070
}
5171
]
72+
},
73+
{
74+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
75+
"type": "Secondary",
76+
"description": [
77+
{
78+
"lang": "en",
79+
"value": "CWE-120"
80+
}
81+
]
5282
}
5383
],
5484
"configurations": [

CVE-2024/CVE-2024-244xx/CVE-2024-24445.json

Lines changed: 37 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"id": "CVE-2024-24445",
33
"sourceIdentifier": "[email protected]",
44
"published": "2025-01-21T22:15:11.847",
5-
"lastModified": "2025-02-18T21:15:21.660",
5+
"lastModified": "2025-03-18T21:15:24.047",
66
"vulnStatus": "Awaiting Analysis",
77
"cveTags": [],
88
"descriptions": [
@@ -15,7 +15,42 @@
1515
"value": "OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contiene una desreferencia nula en su gesti\u00f3n de mensajes de protocolo NGAP no compatibles, lo que permite que un atacante con acceso adyacente a la red a AMF lleve a cabo una denegaci\u00f3n de servicio. Cuando se recibe una tupla de c\u00f3digo de procedimiento/campo de presencia que no es compatible, OAI indexa en un puntero de funci\u00f3n nulo y posteriormente lo desreferencia."
1616
}
1717
],
18-
"metrics": {},
18+
"metrics": {
19+
"cvssMetricV31": [
20+
{
21+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
22+
"type": "Secondary",
23+
"cvssData": {
24+
"version": "3.1",
25+
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
26+
"baseScore": 6.5,
27+
"baseSeverity": "MEDIUM",
28+
"attackVector": "ADJACENT_NETWORK",
29+
"attackComplexity": "LOW",
30+
"privilegesRequired": "NONE",
31+
"userInteraction": "NONE",
32+
"scope": "UNCHANGED",
33+
"confidentialityImpact": "NONE",
34+
"integrityImpact": "NONE",
35+
"availabilityImpact": "HIGH"
36+
},
37+
"exploitabilityScore": 2.8,
38+
"impactScore": 3.6
39+
}
40+
]
41+
},
42+
"weaknesses": [
43+
{
44+
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
45+
"type": "Secondary",
46+
"description": [
47+
{
48+
"lang": "en",
49+
"value": "CWE-476"
50+
}
51+
]
52+
}
53+
],
1954
"references": [
2055
{
2156
"url": "http://openairinterface.com",

0 commit comments

Comments
 (0)