Skip to content

Commit

Permalink
7 changes (2 new | 5 updated):
Browse files Browse the repository at this point in the history 
      - 2 new CVEs:  CVE-2024-52923, CVE-2024-52924
      - 5 updated CVEs: CVE-2025-25796, CVE-2025-25797, CVE-2025-25799, CVE-2025-25802, CVE-2025-25813
  • Loading branch information
cvelistV5 Github Action committed Mar 6, 2025
1 parent 6582000 commit 62d6e3b
Show file tree
Hide file tree
Showing 7 changed files with 432 additions and 10 deletions.
56 changes: 56 additions & 0 deletions cves/2024/52xxx/CVE-2024-52923.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"dataType": "CVE_RECORD",
"cveMetadata": {
"state": "PUBLISHED",
"cveId": "CVE-2024-52923",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2025-03-06T17:53:58.250Z",
"dateReserved": "2024-11-18T00:00:00.000Z",
"datePublished": "2025-03-06T00:00:00.000Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre",
"dateUpdated": "2025-03-06T17:53:58.250Z"
},
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service."
}
],
"affected": [
{
"vendor": "n/a",
"product": "n/a",
"versions": [
{
"version": "n/a",
"status": "affected"
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"problemTypes": [
{
"descriptions": [
{
"type": "text",
"lang": "en",
"description": "n/a"
}
]
}
]
}
},
"dataVersion": "5.1"
}
56 changes: 56 additions & 0 deletions cves/2024/52xxx/CVE-2024-52924.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"dataType": "CVE_RECORD",
"cveMetadata": {
"state": "PUBLISHED",
"cveId": "CVE-2024-52924",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2025-03-06T17:59:22.553Z",
"dateReserved": "2024-11-18T00:00:00.000Z",
"datePublished": "2025-03-06T00:00:00.000Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre",
"dateUpdated": "2025-03-06T17:59:22.553Z"
},
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack"
}
],
"affected": [
{
"vendor": "n/a",
"product": "n/a",
"versions": [
{
"version": "n/a",
"status": "affected"
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
}
],
"problemTypes": [
{
"descriptions": [
{
"type": "text",
"lang": "en",
"description": "n/a"
}
]
}
]
}
},
"dataVersion": "5.1"
}
66 changes: 64 additions & 2 deletions cves/2025/25xxx/CVE-2025-25796.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"cveId": "CVE-2025-25796",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2025-02-26T14:27:30.818Z",
"dateUpdated": "2025-03-06T17:55:27.657Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"datePublished": "2025-02-26T00:00:00.000Z"
},
Expand Down Expand Up @@ -56,7 +56,69 @@
]
}
]
}
},
"adp": [
{
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-77",
"lang": "en",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 5.1,
"attackVector": "LOCAL",
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "NONE",
"privilegesRequired": "HIGH",
"confidentialityImpact": "LOW"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-06T17:54:41.522259Z",
"id": "CVE-2025-25796",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-06T17:55:27.657Z"
}
}
]
},
"dataVersion": "5.1"
}
66 changes: 64 additions & 2 deletions cves/2025/25xxx/CVE-2025-25797.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"cveId": "CVE-2025-25797",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2025-02-26T14:27:31.638Z",
"dateUpdated": "2025-03-06T17:54:20.963Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"datePublished": "2025-02-26T00:00:00.000Z"
},
Expand Down Expand Up @@ -56,7 +56,69 @@
]
}
]
}
},
"adp": [
{
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-77",
"lang": "en",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 5.1,
"attackVector": "LOCAL",
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "NONE",
"privilegesRequired": "HIGH",
"confidentialityImpact": "LOW"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-06T17:53:44.252380Z",
"id": "CVE-2025-25797",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-06T17:54:20.963Z"
}
}
]
},
"dataVersion": "5.1"
}
66 changes: 64 additions & 2 deletions cves/2025/25xxx/CVE-2025-25799.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"cveId": "CVE-2025-25799",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2025-02-26T14:27:32.704Z",
"dateUpdated": "2025-03-06T17:53:17.189Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"datePublished": "2025-02-26T00:00:00.000Z"
},
Expand Down Expand Up @@ -56,7 +56,69 @@
]
}
]
}
},
"adp": [
{
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-552",
"lang": "en",
"description": "CWE-552 Files or Directories Accessible to External Parties"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 6,
"attackVector": "LOCAL",
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "NONE",
"privilegesRequired": "HIGH",
"confidentialityImpact": "HIGH"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-06T17:52:08.117939Z",
"id": "CVE-2025-25799",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-06T17:53:17.189Z"
}
}
]
},
"dataVersion": "5.1"
}
Loading

0 comments on commit 62d6e3b

Please sign in to comment.