Skip to content

Commit

Permalink
16 changes (2 new | 14 updated):
Browse files Browse the repository at this point in the history 
      - 2 new CVEs:  CVE-2024-12799, CVE-2025-1714
      - 14 updated CVEs: CVE-2023-24775, CVE-2024-11731, CVE-2024-13232, CVE-2024-13747, CVE-2024-13757, CVE-2024-13777, CVE-2024-13779, CVE-2024-13780, CVE-2024-13866, CVE-2024-53676, CVE-2025-1965, CVE-2025-22493, CVE-2025-25015, CVE-2025-25784
  • Loading branch information
cvelistV5 Github Action committed Mar 5, 2025
1 parent c8ee293 commit 73ce285
Show file tree
Hide file tree
Showing 16 changed files with 864 additions and 52 deletions.
68 changes: 64 additions & 4 deletions cves/2023/24xxx/CVE-2023-24775.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,16 @@
"cveId": "CVE-2023-24775",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2024-08-02T11:03:18.964Z",
"dateReserved": "2023-01-30T00:00:00",
"datePublished": "2023-03-07T00:00:00"
"dateUpdated": "2025-03-05T14:54:48.704Z",
"dateReserved": "2023-01-30T00:00:00.000Z",
"datePublished": "2023-03-07T00:00:00.000Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre",
"dateUpdated": "2023-03-07T00:00:00"
"dateUpdated": "2023-03-07T00:00:00.000Z"
},
"descriptions": [
{
Expand Down Expand Up @@ -68,6 +68,66 @@
]
}
]
},
{
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-89",
"lang": "en",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 9.8,
"attackVector": "NETWORK",
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "HIGH",
"privilegesRequired": "NONE",
"confidentialityImpact": "HIGH"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-05T14:53:19.041864Z",
"id": "CVE-2023-24775",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-05T14:54:48.704Z"
}
}
]
}
Expand Down
38 changes: 36 additions & 2 deletions cves/2024/11xxx/CVE-2024-11731.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"assignerShortName": "Wordfence",
"dateReserved": "2024-11-25T23:21:17.322Z",
"datePublished": "2025-03-05T09:21:50.557Z",
"dateUpdated": "2025-03-05T09:21:50.557Z"
"dateUpdated": "2025-03-05T14:52:41.393Z"
},
"containers": {
"cna": {
Expand Down Expand Up @@ -86,6 +86,40 @@
"value": "Disclosed"
}
]
}
},
"adp": [
{
"metrics": [
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-05T14:52:24.967736Z",
"id": "CVE-2024-11731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-05T14:52:41.393Z"
}
}
]
}
}
128 changes: 128 additions & 0 deletions cves/2024/12xxx/CVE-2024-12799.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,128 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2024-12799",
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"state": "PUBLISHED",
"assignerShortName": "OpenText",
"dateReserved": "2024-12-19T15:22:32.158Z",
"datePublished": "2025-03-05T14:55:55.363Z",
"dateUpdated": "2025-03-05T14:55:55.363Z"
},
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"Linux",
"64 bit"
],
"product": "Identity Manager Advanced Edition",
"vendor": "OpenText",
"versions": [
{
"lessThanOrEqual": "4.8.7.0102",
"status": "affected",
"version": "4.8.0.0",
"versionType": "rpm, exe"
},
{
"status": "affected",
"version": "4.9.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p><b>Insufficiently Protected Credentials\nvulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux,\n64 bit allows Privilege Abuse. </b><b>This vulnerability could allow an\nauthenticated user to obtain higher privileged user’s sensitive information via\ncrafted payload.</b></p><p><b>This issue affects Identity Manager Advanced\nEdition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.</b></p>"
}
],
"value": "Insufficiently Protected Credentials\nvulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux,\n64 bit allows Privilege Abuse. This vulnerability could allow an\nauthenticated user to obtain higher privileged user’s sensitive information via\ncrafted payload.\n\nThis issue affects Identity Manager Advanced\nEdition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:H/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText",
"dateUpdated": "2025-03-05T14:55:55.363Z"
},
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000037455"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficiently Protected Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
}
}
38 changes: 36 additions & 2 deletions cves/2024/13xxx/CVE-2024-13232.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"assignerShortName": "Wordfence",
"dateReserved": "2025-01-09T15:58:09.506Z",
"datePublished": "2025-03-05T09:21:50.957Z",
"dateUpdated": "2025-03-05T09:21:50.957Z"
"dateUpdated": "2025-03-05T14:52:07.832Z"
},
"containers": {
"cna": {
Expand Down Expand Up @@ -83,6 +83,40 @@
"value": "Disclosed"
}
]
}
},
"adp": [
{
"metrics": [
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-05T14:51:44.026682Z",
"id": "CVE-2024-13232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-05T14:52:07.832Z"
}
}
]
}
}
38 changes: 36 additions & 2 deletions cves/2024/13xxx/CVE-2024-13747.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"assignerShortName": "Wordfence",
"dateReserved": "2025-01-27T20:46:57.231Z",
"datePublished": "2025-03-05T09:21:50.106Z",
"dateUpdated": "2025-03-05T09:21:50.106Z"
"dateUpdated": "2025-03-05T14:55:10.989Z"
},
"containers": {
"cna": {
Expand Down Expand Up @@ -83,6 +83,40 @@
"value": "Disclosed"
}
]
}
},
"adp": [
{
"metrics": [
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2025-03-05T14:53:34.240498Z",
"id": "CVE-2024-13747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-03-05T14:55:10.989Z"
}
}
]
}
}
Loading

0 comments on commit 73ce285

Please sign in to comment.