-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-12-03T19:00:25.275105+00:00
- Loading branch information
1 parent
66b91c8
commit 8dbbdf8
Showing
57 changed files
with
4,127 additions
and
301 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,16 +2,55 @@ | |
| "id": "CVE-2018-9414", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-02T21:15:09.757", | ||
| "lastModified": "2024-12-02T21:15:09.757", | ||
| "lastModified": "2024-12-03T18:15:11.267", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is\u00a0a possible out of bounds stack write due to a missing bounds check. This\u00a0could lead to local escalation of privilege with User execution privileges\u00a0needed. User interaction is not needed for exploitation." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "En gattServerSendResponseNative de com_android_bluetooth_gatt.cpp, existe una posible escritura en la pila fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una escalada local de privilegios con privilegios de ejecuci\u00f3n de usuario necesarios. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| { | ||
| "id": "CVE-2021-29892", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-12-03T17:15:05.760", | ||
| "lastModified": "2024-12-03T17:15:05.760", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", | ||
| "baseScore": 5.9, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "HIGH", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "NONE" | ||
| }, | ||
| "exploitabilityScore": 2.2, | ||
| "impactScore": 3.6 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-319" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://www.ibm.com/support/pages/node/7177220", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-31307", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-08-13T17:15:20.500", | ||
| "lastModified": "2024-08-14T02:07:05.410", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-03T17:15:07.017", | ||
| "vulnStatus": "Undergoing Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -23,22 +23,34 @@ | |
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", | ||
| "baseScore": 2.3, | ||
| "baseSeverity": "LOW", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "LOW", | ||
| "baseScore": 2.3, | ||
| "baseSeverity": "LOW" | ||
| "availabilityImpact": "LOW" | ||
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 1.4 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-129" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,13 @@ | |
| "id": "CVE-2023-31348", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-08-13T17:15:21.307", | ||
| "lastModified": "2024-08-14T15:35:02.560", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-03T18:46:38.467", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A DLL hijacking vulnerability in AMD \u03bcProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution." | ||
| "value": "A DLL hijacking vulnerability in AMD ?Prof could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -23,23 +23,53 @@ | |
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH" | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.3, | ||
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-427" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
|
|
@@ -51,10 +81,43 @@ | |
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:linux:*:*", | ||
| "versionEndExcluding": "4.1.424", | ||
| "matchCriteriaId": "4B13FA61-9E51-45AF-A0F8-0C3A518B390A" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:freebsd:*:*", | ||
| "versionEndExcluding": "4.2.816", | ||
| "matchCriteriaId": "50D6F227-1657-451F-AF90-A68B6A4BF03A" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:windows:*:*", | ||
| "versionEndExcluding": "4.2.845", | ||
| "matchCriteriaId": "E175F21E-6872-42B1-8C4C-6B473440EE12" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-31349", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-08-13T17:15:21.500", | ||
| "lastModified": "2024-08-14T02:07:05.410", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-03T18:37:37.340", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -23,19 +23,39 @@ | |
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH" | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.3, | ||
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
|
|
@@ -49,12 +69,55 @@ | |
| "value": "CWE-276" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-276" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:linux:*:*", | ||
| "versionEndExcluding": "4.1.424", | ||
| "matchCriteriaId": "4B13FA61-9E51-45AF-A0F8-0C3A518B390A" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:freebsd:*:*", | ||
| "versionEndExcluding": "4.2.816", | ||
| "matchCriteriaId": "50D6F227-1657-451F-AF90-A68B6A4BF03A" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:amd:uprof:*:*:*:*:*:windows:*:*", | ||
| "versionEndExcluding": "4.2.845", | ||
| "matchCriteriaId": "E175F21E-6872-42B1-8C4C-6B473440EE12" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
Oops, something went wrong.