-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-11-18T21:00:20.087230+00:00
- Loading branch information
1 parent
88fca70
commit 93a968c
Showing
39 changed files
with
2,439 additions
and
584 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2021-27700", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-12T23:15:03.580", | ||
| "lastModified": "2024-11-13T17:01:16.850", | ||
| "lastModified": "2024-11-18T19:35:00.800", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -15,7 +15,42 @@ | |
| "value": "SOCIFI Socifi Guest wifi como portal wifi SAAS, se ve afectado por permisos inseguros. Cualquier cliente autorizado con modo de socio puede cambiar al panel de control de otro cliente y realizar acciones como modificar usuarios, eliminar usuarios, etc." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "LOW", | ||
| "baseScore": 7.6, | ||
| "baseSeverity": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 2.1, | ||
| "impactScore": 5.5 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-639" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27700", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2021-27701", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-12T23:15:03.700", | ||
| "lastModified": "2024-11-13T17:01:16.850", | ||
| "lastModified": "2024-11-18T19:35:01.613", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -15,7 +15,42 @@ | |
| "value": "SOCIFI Socifi Guest wifi como SAAS se ve afectado por Cross Site Request Forgery (CSRF) a trav\u00e9s del portal de wifi de Socifi. La aplicaci\u00f3n no contiene un token CSRF ni validaci\u00f3n de solicitud. Un atacante puede agregar o modificar cualquier dato de usuario aleatorio enviando una solicitud CSRF manipulada." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "CHANGED", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 4.7, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 2.8, | ||
| "impactScore": 1.4 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-352" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27701", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2023-38920", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-13T20:15:16.840", | ||
| "lastModified": "2024-11-15T14:00:09.720", | ||
| "lastModified": "2024-11-18T20:35:01.540", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -15,7 +15,42 @@ | |
| "value": "La vulnerabilidad de Cross-Site Scripting en Cyber Cafe Management System v.1.0 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de una secuencia de comandos dise\u00f1ada espec\u00edficamente para el par\u00e1metro adminname." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "CHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 4.8, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 1.7, | ||
| "impactScore": 2.7 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-79" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/amanahmed000/Cyber-Cafe-Management-System-XSS-Advisory/blob/main/CVE-2023-38920.md", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2023-52717", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-04-07T09:15:08.600", | ||
| "lastModified": "2024-04-08T18:48:40.217", | ||
| "lastModified": "2024-11-18T20:35:02.497", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -15,7 +15,42 @@ | |
| "value": "Vulnerabilidad de verificaci\u00f3n de permisos en el m\u00f3dulo de pantalla de bloqueo. Impacto: La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 5.3, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 1.4 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-276" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://consumer.huawei.com/en/support/bulletin/2024/4/", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2024-11102", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-12T04:15:05.340", | ||
| "lastModified": "2024-11-12T13:55:21.227", | ||
| "vulnStatus": "Undergoing Analysis", | ||
| "lastModified": "2024-11-18T20:00:09.120", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -61,6 +61,26 @@ | |
| } | ||
| ], | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "CHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 4.8, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 1.7, | ||
| "impactScore": 2.7 | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
|
|
@@ -110,8 +130,18 @@ | |
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-79" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
|
|
@@ -124,30 +154,66 @@ | |
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:mayurik:hospital_management_system:1.0:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "50855DED-FC21-4EF8-848C-67AD37E8A86A" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://drive.google.com/file/d/1Omjwoh6B2xh41c3Av0_VJsoR7tascb1_/view?usp=sharing", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Exploit" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://github.com/Salah-Tayeh/CVEs-and-Vulnerabilities/blob/main/Hospital%20Management%20System%20-%20Stored%20XSS.md", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Third Party Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?ctiid.283922", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Permissions Required" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?id.283922", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Third Party Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?submit.441694", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Exploit", | ||
| "Third Party Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://www.sourcecodester.com/", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Product" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2024-22083", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-03-20T05:15:45.800", | ||
| "lastModified": "2024-03-20T13:00:16.367", | ||
| "lastModified": "2024-11-18T19:35:02.710", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -15,7 +15,30 @@ | |
| "value": "Se descubri\u00f3 un problema en las versiones 1.1.4.15 y anteriores Elspec G5 digital fault recorder. Existe una ID de sesi\u00f3n de puerta trasera codificada que se puede usar para obtener m\u00e1s acceso al dispositivo, incluidas las tareas de reconfiguraci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "LOW", | ||
| "baseScore": 6.5, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 2.5 | ||
| } | ||
| ] | ||
| }, | ||
| "references": [ | ||
| { | ||
| "url": "https://www.elspec-ltd.com/support/security-advisories/", | ||
|
|
||
Oops, something went wrong.