-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-12-06T09:59:00.639117+00:00
- Loading branch information
1 parent
9f89cfe
commit 27c9f3c
Showing
365 changed files
with
23,841 additions
and
1,514 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,15 +2,38 @@ | |
| "id": "CVE-2005-3170", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2005-10-06T10:02:00.000", | ||
| "lastModified": "2024-11-21T00:01:16.247", | ||
| "lastModified": "2024-12-05T21:15:05.520", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", | ||
| "baseScore": 5.0, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "HIGH", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "LOW" | ||
| }, | ||
| "exploitabilityScore": 1.6, | ||
| "impactScore": 3.4 | ||
| } | ||
| ], | ||
| "cvssMetricV2": [ | ||
| { | ||
| "source": "[email protected]", | ||
|
|
@@ -47,6 +70,16 @@ | |
| "value": "CWE-295" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-295" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| { | ||
| "id": "CVE-2017-13308", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-05T22:15:18.177", | ||
| "lastModified": "2024-12-05T22:15:18.177", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| { | ||
| "id": "CVE-2018-9386", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-05T23:15:04.607", | ||
| "lastModified": "2024-12-05T23:15:04.607", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In reboot_block_command of htc reboot_block driver, there is a possible\n stack buffer overflow due to a missing bounds check. This could lead to\n local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| { | ||
| "id": "CVE-2018-9388", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-05T23:15:04.703", | ||
| "lastModified": "2024-12-05T23:15:04.703", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| { | ||
| "id": "CVE-2018-9390", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-05T23:15:04.793", | ||
| "lastModified": "2024-12-05T23:15:04.793", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In procfile_write of gl_proc.c, there is a possible out of bounds read of a\n function pointer due to an incorrect bounds check. This could lead to local\n escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| { | ||
| "id": "CVE-2018-9391", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-05T23:15:04.877", | ||
| "lastModified": "2024-12-05T23:15:04.877", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In update_gps_sv and output_vzw_debug of\n vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor\n ker.c, there is a possible out of bounds write due to a missing bounds\n check. This could lead to local escalation of privilege with System\n execution privileges needed. User interaction is not needed for\n exploitation." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,16 +2,55 @@ | |
| "id": "CVE-2018-9392", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-04T18:15:08.833", | ||
| "lastModified": "2024-12-04T18:15:08.833", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-12-05T19:15:05.197", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "En get_binary de vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una escalada local de privilegios con privilegios de ejecuci\u00f3n de System necesarios. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,16 +2,55 @@ | |
| "id": "CVE-2018-9393", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-04T18:15:09.850", | ||
| "lastModified": "2024-12-04T18:15:09.850", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-12-05T19:15:06.160", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "En procfile_write de drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, existe una posible escritura OOB debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,16 +2,55 @@ | |
| "id": "CVE-2018-9394", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-04T18:15:10.003", | ||
| "lastModified": "2024-12-04T18:15:10.003", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-12-05T18:15:19.417", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "En mtk_p2p_wext_set_key de drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, existe una posible escritura OOB debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios, siendo necesarios los privilegios de ejecuci\u00f3n de System. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", | ||
|
|
||
Oops, something went wrong.