Skip to content

Commit

Permalink
Auto-Update: 2024-01-11T19:00:35.042428+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
@cad-safe-bot
cad-safe-bot committed Jan 11, 2024
1 parent 321f859 commit ede2f09
Show file tree
Hide file tree
Showing 106 changed files with 6,801 additions and 390 deletions.
69 changes: 65 additions & 4 deletions CVE-2018/CVE-2018-250xx/CVE-2018-25095.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,80 @@
"id": "CVE-2018-25095",
"sourceIdentifier": "[email protected]",
"published": "2024-01-08T19:15:08.377",
"lastModified": "2024-01-08T19:30:10.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-11T18:42:09.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be use to run arbitrary code on the server."
},
{
"lang": "es",
"value": "El complemento Duplicator de WordPress anterior a 1.3.0 no escapa correctamente de los valores cuando su script de instalaci\u00f3n reemplaza los valores en los archivos de configuraci\u00f3n de WordPress. Si este script de instalaci\u00f3n se deja en el sitio despu\u00e9s de su uso, podr\u00eda usarse para ejecutar c\u00f3digo arbitrario en el servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "1.3.0",
"matchCriteriaId": "752DF250-06AD-4C5F-9B45-7E931FD0176A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/16cc47aa-cb31-4114-b014-7ac5fbc1d3ee",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
184 changes: 179 additions & 5 deletions CVE-2021/CVE-2021-36xx/CVE-2021-3600.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,40 @@
"id": "CVE-2021-3600",
"sourceIdentifier": "[email protected]",
"published": "2024-01-08T19:15:08.470",
"lastModified": "2024-01-08T19:30:10.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-11T18:40:05.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la implementaci\u00f3n de eBPF en el kernel de Linux no rastreaba adecuadamente la informaci\u00f3n de l\u00edmites para registros de 32 bits al realizar operaciones div y mod. Un atacante local podr\u00eda usar esto para posiblemente ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "[email protected]",
"type": "Secondary",
Expand All @@ -34,18 +58,168 @@
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14",
"versionEndExcluding": "4.19.206",
"matchCriteriaId": "FD710309-3897-495A-8AE3-4BD2EFA790E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.98",
"matchCriteriaId": "63AA484E-2A18-4FCA-BA34-62E23959CC68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.16",
"matchCriteriaId": "6C5091DA-0121-43C7-B18B-60A1917F30BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "18B1C9CE-F7E4-426B-A770-79F86AB5CC38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7A70E596-2EF7-4651-B2EF-2CEE31DB6893"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "18C82C96-2853-4DFE-93AD-F6E59B4129CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A330B043-47EA-4D06-82BF-153A1735FC11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F0EE963C-B36C-4143-96A9-65BCA7D8F2EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B511E2F6-2917-4797-8909-8F7EA4870C7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc7:*:*:*:*:*:*",
"matchCriteriaId": "E9FA9D80-C790-41EA-8A21-DF7B170465E0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
}
],
"references": [
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Product"
]
},
{
"url": "https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://ubuntu.com/security/notices/USN-5003-1",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Third Party Advisory"
]
}
]
}
Loading

0 comments on commit ede2f09

Please sign in to comment.