{"resultsPerPage":73,"startIndex":0,"totalResults":73,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-22T19:33:43.246","vulnerabilities":[{"cve":{"id":"CVE-2022-23302","sourceIdentifier":"security@apache.org","published":"2022-01-18T16:15:08.300","lastModified":"2025-07-07T18:15:24.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions."},{"lang":"es","value":"JMSSink en todas las versiones de Log4j 1.x, es vulnerable a una deserialización de datos no confiables cuando el atacante presenta acceso de escritura a la configuración de Log4j o si la configuración hace referencia a un servicio LDAP al que el atacante presenta acceso. El atacante puede proporcionar una configuración TopicConnectionFactoryBindingName causando que JMSSink lleve a cabo peticiones JNDI que resulten en la ejecución de código remota de forma similar a CVE-2021-4104. Tenga en cuenta que este problema sólo afecta a Log4j versiones 1.x cuando es configurado específicamente para usar JMSSink, que no es el predeterminado. Apache Log4j versión 1.2 llegó al final de su vida útil en agosto de 2015. 
Los usuarios deberían actualizar a Log4j 2 ya que aborda otros numerosos problemas de las versiones anteriores"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.1","versionEndIncluding":"1.2.17","matchCriteriaId":"2A81678B-BD7A-42A5-84FF-DC2D3D650650"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*","matchCriteriaId":"26A2B713-7D6D-420A-93A4-E0D983C983DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","matchCriteriaId":"64DE38C8-94F1-4860-B045-F33928F676A8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broad
com:brocade_sannav:-:*:*:*:*:*:*:*","matchCriteriaId":"75B1EDA5-F189-440D-AD0E-C70DD2C0FEE5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qos:reload4j:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.18.1","matchCriteriaId":"EB681829-2B2A-4BDB-8DC5-B3C7D359F4C5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:advanced_supply_chain_planning:12.1:*:*:*:*:*:*:*","matchCriteriaId":"A62E2A25-1AD7-4B4B-9D1B-F0DEA4550557"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:advanced_supply_chain_planning:12.2:*:*:*:*:*:*:*","matchCriteriaId":"0331158C-BBE0-42DB-8180-EB1FCD290567"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"B602F9E8-1580-436C-A26D-6E6F8121A583"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"77C3DD16-1D81-40E1-B312-50FBD275507C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"81DAC8C0-D342-44B5-9432-6B88D389584F"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"E869C417-C0E6-4FC3-B406-45598A1D1906"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*","matchCriteriaId":"C68536CA-C7E2-4228-A6B8-F0DB6A9D29EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"C4A94B36-479F-48F2-9B9E-ACEA2589EF48"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*","matchCriteriaId":"E1214FDF-357A-4BB9-BADE-50FB2BD16
D10"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*","matchCriteriaId":"B21E6EEF-2AB7-4E96-B092-1F49D11B4175"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.0.4.4","matchCriteriaId":"61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"5933FEA2-B79E-4EE7-B821-54D676B45734"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*","matchCriteriaId":"A7637F8B-15F1-42E2-BE18-E1FF7C66587D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*","matchCriteriaId":"E43D793A-7756-4D58-A8ED-72DC4EC9CEA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:e-business_suite_cloud_manager_and_cloud_backup_module:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.1.1.1","matchCriteriaId":"86EF205C-9CB1-4772-94D1-0B744EF3342D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:e-business_suite_cloud_manager_and_cloud_backup_module:2.2.1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"6ED0EE39-C080-4E75-AE0F-3859B57EF851"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6E8758C8-87D3-450A-878B-86CE8C9FC140"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"054B56E0-F11B-4939-B7E1-E722C67A041A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.1:*:*:*:*:*:*:*","matchCriteriaId":"250A493C-E052-4978-ABBE-786DC8038448"},{"vulnerable
":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2E2B771B-230A-4811-94D7-065C2722E428"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:healthcare_foundation:8.1.0:*:*:*:*:*:*:*","matchCriteriaId":"E67501BE-206A-49FD-8CBA-22935DF917F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.8.0","matchCriteriaId":"E8E7FBA9-0FFF-4C86-B151-28C17A142E0B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hyperion_infrastructure_technology:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.8.0","matchCriteriaId":"55BBCD48-BCC6-4E19-A4CE-970E524B9FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1489DDA7-EDBE-404C-B48D-F0B52B741708"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_management_suite:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"535BC19C-21A1-48E3-8CC0-B276BA5D494E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_manager_connector:11.1.1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"9D7EA92D-9F26-4292-991A-891597337DFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9AB179A8-DFB7-4DCF-8DE3-096F376989F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionEndIncluding":"8.0.29","matchCriteriaId":"B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:tuxedo:12.2.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB7D0A30-3986-49AB-B7F3-DAE0024504BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"F14A818F-AA16-4438-A3E4-E64C9287AC66"},{"vulnerable":true,"criteria":"cpe:
2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2022/01/18/3","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w","source":"security@apache.org","tags":["Mailing List","Mitigation","Vendor Advisory"]},{"url":"https://logging.apache.org/log4j/1.2/index.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220217-0006/","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/01/18/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Mitigation","Vendor Advisory"]},{"url":"https://logging.apache.org/log4j/1.2/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220217-0006/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party 
Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-23307","sourceIdentifier":"security@apache.org","published":"2022-01-18T16:15:08.403","lastModified":"2024-11-21T06:48:22.733","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists."},{"lang":"es","value":"CVE-2020-9493 identificó un problema de deserialización presente en Apache Chainsaw. Versiones anteriores a Chainsaw V2.0 Chainsaw era un componente de Apache Log4j versiones 1.2.x donde se presenta el mismo 
problema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:chainsaw:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.0","matchCriteriaId":"4A0D9BED-411E-4E62-A281-237D3C90FFEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*","versionStartIncluding":"1.2","versionEndExcluding":"2.0","matchCriteriaId":"56EF3EFE-3632-4CDD-90EF-D2E614E05886"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qos:reload4j:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.18.1","matchCriteriaId":"EB681829-2B2A-4BDB-8DC5-B3C7D359F4C5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:advanced_supply_chain_planning:12.1:*:*:*:*:*:*:*","matchCr
iteriaId":"A62E2A25-1AD7-4B4B-9D1B-F0DEA4550557"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:advanced_supply_chain_planning:12.2:*:*:*:*:*:*:*","matchCriteriaId":"0331158C-BBE0-42DB-8180-EB1FCD290567"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"B602F9E8-1580-436C-A26D-6E6F8121A583"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"77C3DD16-1D81-40E1-B312-50FBD275507C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"81DAC8C0-D342-44B5-9432-6B88D389584F"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"E869C417-C0E6-4FC3-B406-45598A1D1906"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*","matchCriteriaId":"C68536CA-C7E2-4228-A6B8-F0DB6A9D29EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"C4A94B36-479F-48F2-9B9E-ACEA2589EF48"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*","matchCriteriaId":"E1214FDF-357A-4BB9-BADE-50FB2BD16D10"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*","matchCriteriaId":"B21E6EEF-2AB7-4E96-B092-1F49D11B4175"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.0.4.4","matchCriteriaId":"61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:
*:*:*","matchCriteriaId":"5933FEA2-B79E-4EE7-B821-54D676B45734"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*","matchCriteriaId":"A7637F8B-15F1-42E2-BE18-E1FF7C66587D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*","matchCriteriaId":"E43D793A-7756-4D58-A8ED-72DC4EC9CEA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:e-business_suite_cloud_manager_and_cloud_backup_module:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.1.1.1","matchCriteriaId":"86EF205C-9CB1-4772-94D1-0B744EF3342D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:e-business_suite_cloud_manager_and_cloud_backup_module:2.2.1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"6ED0EE39-C080-4E75-AE0F-3859B57EF851"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6E8758C8-87D3-450A-878B-86CE8C9FC140"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"054B56E0-F11B-4939-B7E1-E722C67A041A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7.0.1:*:*:*:*:*:*:*","matchCriteriaId":"250A493C-E052-4978-ABBE-786DC8038448"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2E2B771B-230A-4811-94D7-065C2722E428"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:healthcare_foundation:8.1.0:*:*:*:*:*:*:*","matchCriteriaId":"E67501BE-206A-49FD-8CBA-22935DF917F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.8.0","matchCriteriaId"
:"E8E7FBA9-0FFF-4C86-B151-28C17A142E0B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hyperion_infrastructure_technology:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.8.0","matchCriteriaId":"55BBCD48-BCC6-4E19-A4CE-970E524B9FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1489DDA7-EDBE-404C-B48D-F0B52B741708"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_management_suite:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"535BC19C-21A1-48E3-8CC0-B276BA5D494E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:identity_manager_connector:11.1.1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"9D7EA92D-9F26-4292-991A-891597337DFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9AB179A8-DFB7-4DCF-8DE3-096F376989F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionEndIncluding":"8.0.29","matchCriteriaId":"B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.5:*:*:*:*:*:*:*","matchCriteriaId":"30501D23-5044-477A-8DC3-7610126AEFD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:tuxedo:12.2.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB7D0A30-3986-49AB-B7F3-DAE0024504BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"F14A818F-AA16-4438-A3E4-E64C9287AC66"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]}],"references":[{"url":"https://lists.apache.org/thre
ad/rg4yyc89vs3dw6kpy3r92xop9loywyhh","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"https://logging.apache.org/log4j/1.2/index.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]},{"url":"https://logging.apache.org/log4j/1.2/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-22709","sourceIdentifier":"secure@microsoft.com","published":"2022-02-09T17:15:09.947","lastModified":"2024-11-21T06:47:17.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VP9 Video Extensions Remote Code Execution Vulnerability"},{"lang":"es","value":"Una Vulnerabilidad de Ejecución de Código Remota en VP9 Video 
Extensions"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:vp9_video_extensions:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.42791.0","matchCriteriaId":"E933622F-9AF7-4E3A-B836-28F2FA61E842"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22709","source":"secure@microsoft.com"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22709","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-23282","sourceIdentifier":"secure@microsoft.com","published":"2022-03-09T17:15:11.427","lastModified":"2024-11-21T06:48:19.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Paint 3D Remote Code Execution Vulnerability"},{"lang":"es","value":"Una vulnerabilidad de Ejecución de Código Remota en Paint 
3D"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:paint_3d:-:*:*:*:*:*:*:*","matchCriteriaId":"A64818C3-5DAD-4350-80DE-743220D21DBC"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23282","source":"secure@microsoft.com"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23282","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},
{"cve":{"id":"CVE-2022-24451","sourceIdentifier":"secure@microsoft.com","published":"2022-03-09T17:15:13.210","lastModified":"2024-11-21T06:50:26.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VP9 Video Extensions Remote Code Execution Vulnerability"},{"lang":"es","value":"Una vulnerabilidad de Ejecución de Código Remota en VP9 Video Extensions. Este ID de CVE es diferente de CVE-2022-24501"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR
","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:vp9_video_extensions:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.42791.0","matchCriteriaId":"E933622F-9AF7-4E3A-B836-28F2FA61E842"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24451","source":"secure@microsoft.com"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24451","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-24457","sourceIdentifier":"secure@microsoft.com","published":"2022-03-09T17:15:13.770","lastModified":"2024-11-21T06:50:27.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"HEIF Image Extensions Remote Code Execution Vulnerability"},{"lang":"es","value":"Una vulnerabilidad de Ejecución de Código Remota en HEIF Image Extensions"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PART
IAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:heif_image_extension:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.43012.0","matchCriteriaId":"8E68FA81-0A91-4FA8-861F-72B98FBDB4A5"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24457","source":"secure@microsoft.com"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24457","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-24501","sourceIdentifier":"secure@microsoft.com","published":"2022-03-09T17:15:14.880","lastModified":"2024-11-21T06:50:33.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VP9 Video Extensions Remote Code Execution Vulnerability"},{"lang":"es","value":"Una vulnerabilidad de Ejecución de Código Remota en VP9 Video Extensions. 
Este ID de CVE es diferente de CVE-2022-24451"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:vp9_video_extensions:-:*:*:*:*:*:*:*","matchCriteriaId":"156CD8DF-B24E-49FD-BCBD-E6EC7EAE4507"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24501","source":"secure@microsoft.com"},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24501","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-0778","sourceIdentifier":"openssl-security@openssl.org","published":"2022-03-15T17:15:08.513","lastModified":"2026-04-14T10:16:21.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. 
Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc)."},{"lang":"es","value":"La función BN_mod_sqrt(), que calcula una raíz cuadrada modular, contiene un error que puede causar un bucle eterno para módulos no primos. 
Internamente, esta función es usado cuando son analizados certificados que contienen claves públicas de curva elíptica en forma comprimida o parámetros de curva elíptica explícitos con un punto base codificado en forma comprimida. Es posible desencadenar el bucle infinito si es diseñado un certificado con parámetros de curva explícitos no válidos. Dado que el análisis del certificado es realizado antes de la verificación de la firma del certificado, cualquier proceso que analice un certificado suministrado externamente puede ser objeto de un ataque de denegación de servicio. El bucle infinito también puede alcanzarse cuando son analizadas claves privadas diseñadas, ya que pueden contener parámetros explícitos de la curva elíptica. Por lo tanto, las situaciones vulnerables incluyen: - Clientes TLS que consumen certificados de servidor - Servidores TLS que consumen certificados de cliente - Proveedores de hosting que toman certificados o claves privadas de clientes - Autoridades de certificación que analizan peticiones de certificación de suscriptores - Cualquier otra cosa que analice parámetros de curva elíptica ASN.1 También cualquier otra aplicación que utilice BN_mod_sqrt() donde el atacante pueda controlar los valores de los parámetros es vulnerable a este problema de DoS. En OpenSSL versión 1.0.2, la clave pública no es analizada durante el análisis inicial del certificado, lo que dificulta ligeramente la activación del bucle infinito. Sin embargo, cualquier operación que requiera la clave pública del certificado desencadenará el bucle infinito. En particular, el atacante puede usar un certificado autofirmado para desencadenar el bucle durante la verificación de la firma del certificado. Este problema afecta a OpenSSL versiones 1.0.2, 1.1.1 y 3.0. Fue abordado en las versiones 1.1.1n y 3.0.2 del 15 de marzo de 2022. Corregido en OpenSSL versión 3.0.2 (Afectado 3.0.0,3.0.1). Corregido en OpenSSL versión 1.1.1n (Afectado 1.1.1-1.1.1m). 
Corregido en OpenSSL versión 1.0.2zd (Afectado 1.0.2-1.0.2zc)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.2","versionEndExcluding":"1.0.2zd","matchCriteriaId":"F3BC593C-D7BB-42A8-9488-BE910A8C3B68"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndExcluding":"1.1.1n","matchCriteriaId":"16D7B14C-9D04-40AC-9FCE-73D3DF468DB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.2","matchCriteriaId":"E7225F27-E0BC-4716-AF68-8D68EE90F7CE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulner
able":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*","matchCriteriaId":"280AA828-6FA9-4260-8EC1-019423B966E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","matchCriteriaId":"1FE996B1-6951-4F85-AA58-B99A379D2163"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*","matchCriteriaId":"62347994-1353-497C-9C4A-D5D8D95F67E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*","matchCriteriaId":"361B791A-D336-4431-8F68-8135BEFFAEA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*","matchCriteriaId":"8ADFF451-740F-4DBA-BD23-3881945D3E40"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1236B66D-EB11-4324-929F-E2B86683C3C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*","matchCriteriaId":"281DFC67-46BB-4FC2-BE03-3C65C9311F65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ECF32BB1-9A58-4821-AE49-5D5C8200631F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*","matchCriteriaId":"F21DE67F-CDFD-4D36-9967-633CD0240C6F"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","matchCriteriaId
":"A930E247-0B43-43CB-98FF-6CE7B8189835"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*","versionEndExcluding":"8.15.4","matchCriteriaId":"1188273E-D496-41A9-AE16-75C0EB70EFB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.1.2","matchCriteriaId":"644DD241-261E-41A3-86B5-C0834502EA81"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.42","matchCriteriaId":"49CFE4A3-DDFC-4801-8C68-510EB5CFBC36"},{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.3.0","versionEndExcluding":"10.3.33","matchCriteriaId":"F8EB13E9-AFD7-4E82-A471-61201460CAC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.4.0","versionEndExcluding":"10.4.23","matchCriteriaId":"3EFE42EF-DB07-4DD4-A40C-6DD6A7D1E6DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.5.0","versionEndExcluding":"10.5.14","matchCriteriaId":"E3C63CE6-6B86-4C48-8D30-DC74CA83C5EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.6.0","versionEndExcluding":"10.6.6","matchCriteriaId":"09ADA35C-125F-4970-ACB7-36A9CC3516BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","versionStartIncluding":"10.7.0","versionEndExcluding":"10.7.2","matchCriteriaId":"E0435104-B0F9-4997-A769-36821689DF45"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"12.0.0","ve
rsionEndIncluding":"12.12.0","matchCriteriaId":"564ED5C8-50D7-413A-B88E-E62B6C07336A"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"12.13.0","versionEndExcluding":"12.22.11","matchCriteriaId":"274A9803-2997-4E65-BDB0-8B5C23120CD1"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartExcluding":"14.0.0","versionEndIncluding":"14.14.0","matchCriteriaId":"05678B4E-5F27-4096-8E9B-38B84A7E7793"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"14.15.0","versionEndExcluding":"14.19.1","matchCriteriaId":"CECEE1EE-B2A2-476B-82AE-48DFF6F1729A"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartExcluding":"16.0.0","versionEndIncluding":"16.12.0","matchCriteriaId":"DC9C8402-7102-4BCF-8A49-CFDF1C59B92F"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"16.13.0","versionEndExcluding":"16.14.2","matchCriteriaId":"3DF34038-6987-4196-B5E7-FF5656D1EE5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartExcluding":"17.0.0","versionEndExcluding":"17.7.2","matchCriteriaId":"0AD8D8BB-702C-4FDF-A0A2-872744B8BF68"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html","source":"openssl-security@openssl.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2022/May/33","source":"openssl-security@openssl.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2022/May/35","source":"openssl-security@openssl.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2022/May/38","source":"openssl-security@openssl.org","tags":["Mailing List","Third Party 
Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65","source":"openssl-security@openssl.org"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83","source":"openssl-security@openssl.org"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246","source":"openssl-security@openssl.org"},{"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html","source":"openssl-security@openssl.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html","source":"openssl-security@openssl.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/","source":"openssl-security@openssl.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/","source":"openssl-security@openssl.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/","source":"openssl-security@openssl.org"},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202210-02","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220321-0002/","source":"openssl-security@openssl.org","tags":["Third Party 
Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220429-0005/","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/","source":"openssl-security@openssl.org"},{"url":"https://support.apple.com/kb/HT213255","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT213256","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT213257","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2022/dsa-5103","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.openssl.org/news/secadv/20220315.txt","source":"openssl-security@openssl.org","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-06","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-07","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-08","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-09","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2022/May/33","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party 
Advisory"]},{"url":"http://seclists.org/fulldisclosure/2022/May/35","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2022/May/38","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party 
Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202210-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220321-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220429-0005/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://support.apple.com/kb/HT213255","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT213256","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT213257","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2022/dsa-5103","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.openssl.org/news/secadv/20220315.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor 
Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-07","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-08","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/tns-2022-09","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-019200.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-028723.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-108696.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-712929.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2022-25647","sourceIdentifier":"report@snyk.io","published":"2022-05-01T16:15:08.603","lastModified":"2024-11-21T06:52:30.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks."},{"lang":"es","value":"El paquete com.google.code.gson:gson versiones anteriores a 2.8.9, son vulnerables a una Deserialización de 
Datos No Confiables por medio del método writeReplace() en clases internas, lo cual puede conllevar a ataques DoS"}],"metrics":{"cvssMetricV31":[{"source":"report@snyk.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:gson:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2.3","versionEndExcluding":"2.8.9","matchCriteriaId":"BDD6E481-96F1-4FE9-9283-775786501464"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9
.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*","matchCriteriaId":"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","matchCriteriaId":"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","matchCriteriaId":"B55E8D50-99B4-47EC-86F9-699B67D473CE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*","matchCriteriaId":"55F091C7-0869-4FD6-AC73-DA697D990304"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*","matchCriteriaId":"4D134C60-F9E2-46C2-8466-DB90AD98439E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:graalvm:20.3.6:*:*:*:enterprise:*:*:*","matchCriteriaId":"7D961E24-EA18-4217-B5F5-F847726D84E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:graalvm:21.3.2:*:*:*:enterprise:*:*:*","matchCriteriaId":"601D92C4-F71F-47E2-9041-5C286D2137F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:graalvm:22.1.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"B18FE85D-C53D-44E9-8992-715820D1264B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*","matchCriteriaId":"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*","matchCriteri
aId":"C7BD0D41-1BED-4C4F-95C8-8987C98908DA"}]}]}],"references":[{"url":"https://github.com/google/gson/pull/1991","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/google/gson/pull/1991/commits","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00015.html","source":"report@snyk.io","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00009.html","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220901-0009/","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2022/dsa-5227","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/google/gson/pull/1991","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/google/gson/pull/1991/commits","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00015.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220901-0009/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party 
Advisory"]},{"url":"https://www.debian.org/security/2022/dsa-5227","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23391","sourceIdentifier":"secure@microsoft.com","published":"2023-03-14T17:15:12.707","lastModified":"2024-11-21T07:46:05.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Office for Android Spoofing Vulnerability"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:16.0.16026.20172:*:*:*:*:android:*:*","matchCriteriaId":"E879B70D-8BAA-4943-8683-7998DDD4B03E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23391","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23391","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor 
Advisory"]}]}},{"cve":{"id":"CVE-2023-1725","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-03-30T15:15:07.287","lastModified":"2024-11-21T07:39:46.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery.This issue affects Project Management System: before 4.09.31.125.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infoline-tr:project_management_system:*:*:*:*:*:*:*:*","versionEndExcluding":"4.09.31.125","matchCriteriaId":"9E779E47-811D-4605-BA84-FFE20585B17A"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0187","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0187","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party 
Advisory"]}]}},{"cve":{"id":"CVE-2023-1765","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-03T14:15:07.380","lastModified":"2024-11-21T07:39:51.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akbim Computer Panon allows SQL Injection.This issue affects Panon: before 1.0.2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:akbim:panon:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.2","matchCriteriaId":"F8B094D8-B11E-4098-A3A9-14A503E4379A"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0193","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0193","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2023-1766","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-03T14:15:07.443","lastModified":"2024-11-21T07:39:51.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akbim Computer Panon allows Reflected XSS.This issue affects Panon: before 
1.0.2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:akbim:panon:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.2","matchCriteriaId":"F8B094D8-B11E-4098-A3A9-14A503E4379A"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0193","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0193","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2023-1728","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-04T09:15:07.343","lastModified":"2024-11-21T07:39:46.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS Command Injection, Server Side Include (SSI) Injection.This issue affects LMS: before 
23.04.03.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fernus:learning_management_systems:*:*:*:*:*:*:*:*","versionEndExcluding":"23.04.03","matchCriteriaId":"B6F83193-191B-4AD9-9127-70437657E652"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0194","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0194","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2023-1726","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-07T13:15:07.287","lastModified":"2024-11-21T07:39:46.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This 
issue affects OBS: before 23.04.01.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:prolizyazilim:student_affairs_information_system:*:*:*:*:*:*:*:*","versionEndExcluding":"23.04.01","matchCriteriaId":"9AC90D34-4E15-49DE-A774-D0F2E1568ED3"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0205","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0205","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-1803","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-14T14:15:10.553","lastModified":"2024-11-21T07:39:56.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 
7.17.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-289"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redline:router_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.17","matchCriteriaId":"28C4F715-F4ED-4B54-B282-D56319F8962E"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0227","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0227","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-1833","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-14T14:15:10.650","lastModified":"2024-11-21T07:39:59.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue 
affects Redline Router: before 7.17.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-305"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redline:router_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.17","matchCriteriaId":"28C4F715-F4ED-4B54-B282-D56319F8962E"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0227","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0227","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-1723","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-04-17T12:15:07.167","lastModified":"2024-11-21T07:39:46.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 
Veragroup Mobile Assistant allows SQL Injection.This issue affects Mobile Assistant: before 21.S.2343.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vegayazilim:mobile_assistant:*:*:*:*:*:*:*:*","versionEndExcluding":"21.s.2343","matchCriteriaId":"5B6C8695-4664-4B45-9BAC-21375EAEBDBC"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0228","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0228","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36565","sourceIdentifier":"secure@microsoft.com","published":"2023-10-10T18:15:13.137","lastModified":"2024-11-21T08:09:56.903","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Microsoft Office Graphics Elevation of Privilege Vulnerability"},{"lang":"es","value":"Vulnerabilidad de elevación de privilegios en Microsoft Office 
Graphics"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*","versionEndExcluding":"16.0.14326.21606","matchCriteriaId":"790083A1-41AD-46AB-A26A-93EDE837DAAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.16827.20138","matchCriteriaId":"A62FB2A2-74C1-4042-A18C-2E053B6B0964"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*","matchCriteriaId":"40961B9E-80B6-42E0-A876-58B3CE056E4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-38250","sourceIdentifier":"secure@microsoft.com","published":"2024-09-10T17:15:30.247","lastModified":"2024-09-17T16:27:12.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Windows 
Graphics Component Elevation of Privilege Vulnerability"},{"lang":"es","value":"Vulnerabilidad de elevación de privilegios en componentes gráficos de Windows"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:universal:*:*","matchCriteriaId":"20C6F097-EFA4-4A0B-BB64-D6BA2AACC706"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.10240.20766","matchCriteriaId":"85DD5735-7C22-4A98-B404-08FEF44A640F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.10240.20766","matchCriteriaId":"83550045-529B-4968-A543-C9D298C0F31D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.7336","matchCriteriaId":"90027BBC-56AF-4F14-A118-53BBA694A0CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","vers
ionEndIncluding":"10.0.14393.7336","matchCriteriaId":"F2FBD819-1371-4941-B162-8BFCFB317EFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.17763.6293","matchCriteriaId":"89B89FB6-5A2C-4444-9D51-B5E46A506CA6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.6293","matchCriteriaId":"ADD534CE-0B4C-43DB-A27C-AC67246D0A87"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.6293","matchCriteriaId":"23DBE62F-98CC-4F76-A841-BB20C5E8075F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.4894","matchCriteriaId":"EC7AA96F-CE3B-4E76-8BE8-A33E0E09F724"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.4894","matchCriteriaId":"273D661D-7A6D-476F-9143-EBDEDD938665"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.4894","matchCriteriaId":"A769F920-AB17-4C52-A416-744D91A2DE93"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.4894","matchCriteriaId":"6FBDC450-FB5A-469C-8D38-9586CE5A6F48"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.4894","matchCriteriaId":"6A08D353-356F-4BB0-A43F-15EBD6E2FB83"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.4894","matchCriteriaId":"13DBA791-6F77-4DA1-8BF4-BA7C299C6188"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22000.3197","matchCriteriaId":"27B86605-6710-4BC8-99A4-73462A011192"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_
11_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22000.3197","matchCriteriaId":"24ABE040-A076-4A03-9847-B4D0C2CA5E97"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22621.4169","matchCriteriaId":"1943A041-87C3-404D-B09C-8E25E46A6E90"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22621.4169","matchCriteriaId":"4AC8FE5E-7E85-4520-BD68-3A9776948A5D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22621.4169","matchCriteriaId":"76AB8812-9BA5-415B-A6B1-C5AD065D3382"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.4169","matchCriteriaId":"5EFBBCCD-A83C-4D06-BBF0-1A4E5C9F0283"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*","matchCriteriaId":"2127D10C-B6F3-4C1D-B9AA-5D78513CC996"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.7336","matchCriteriaId":"A6291C92-7D32-4CC2-B601-FAF5B70F3BFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.6293","matchCriteriaId":"BD2C9E88-C858-4B3D-A8C5-251DD6B69FD6"},{"vulnerable":true,
"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.2700","matchCriteriaId":"4399F533-0094-43CF-872E-FC8E4A21A904"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.25398.1128","matchCriteriaId":"E477BBBE-C862-4127-9784-B181DD05BAE5"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38250","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-26687","sourceIdentifier":"secure@microsoft.com","published":"2025-04-08T18:15:53.383","lastModified":"2025-07-09T16:44:36.607","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network."},{"lang":"es","value":"Use after free en Windows Win32K: GRFX permite que un atacante no autorizado eleve privilegios en una red."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*","versionEndExcluding":"16.0.14326.22331","matchCriteriaId":"33744D2E-67B8-4BC9-A5BB-4D4C02A403E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.18730.20000","matchCriteriaId":"2B4E844F-72B0-4B50-A740
-70E553F20A4E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.10240.20978","matchCriteriaId":"575117BF-9A1E-4B90-85D8-4172A58B3B72"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.10240.20978","matchCriteriaId":"B3B4804C-685B-4F37-92DE-CE73D1B106B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.7969","matchCriteriaId":"474622F8-06D4-4AD1-8D72-A674909A7634"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.7969","matchCriteriaId":"559D55D4-2BF2-4B8F-90CA-C6B885334A3E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.7136","matchCriteriaId":"13A4A79D-8D45-48FA-84F5-CE1A78E8E424"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.7136","matchCriteriaId":"03AB53EC-354E-4F30-A278-2835CA341503"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19044.5737","matchCriteriaId":"2ACCA6F4-C140-4B2E-93FF-1B9DC093E831"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.5737","matchCriteriaId":"09E0970D-79B9-40D9-BFFF-25EE5A686B04"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22621.5189","matchCriteriaId":"640C45C8-83C3-4BBC-9176-705BEAA80E64"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.5189","matchCriteriaId":"4CE9402D-6417-4F82-909A-D89C06C98794"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.3775","matchCriteriaId":"ED4B5FB
3-A574-4DA6-9A43-0950B121CC92"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*","matchCriteriaId":"2127D10C-B6F3-4C1D-B9AA-5D78513CC996"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.7969","matchCriteriaId":"6A232AB6-1EC5-44E7-AB75-0EB9A5A63259"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.7136","matchCriteriaId":"D2941A94-927C-4393-B2A0-4630F03B8B3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.3453","matchCriteriaId":"52706BEC-E3D6-4188-BB88-7078FE4AF970"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1551","matchCriteriaId":"0DA8E1E4-0C78-4ADC-9490-4A608D8601FD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.3775","matchCriteriaId":"99601356-2DEE-482F-BCBC-A5C7D92D2D74"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26687","source":"secure@microsoft.com","tags":["Vendor 
Advisory"]}]}},{"cve":{"id":"CVE-2025-30386","sourceIdentifier":"secure@microsoft.com","published":"2025-05-13T17:16:01.593","lastModified":"2025-05-19T18:28:17.887","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Use After Free en Microsoft Office permite que un atacante no autorizado ejecute código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.18827.20000","matchCriteriaId":"69858942-34BA-4316-B11B-2F6B3655F
596"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30386","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-30388","sourceIdentifier":"secure@microsoft.com","published":"2025-05-13T17:16:01.903","lastModified":"2025-05-19T18:31:38.407","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows Win32K - GRFX 
allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Desbordamiento de búfer basado en montón en Windows Win32K: GRFX permite que un atacante no autorizado ejecute código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*","versionEndExcluding":"16.0.14326.22502","matchCriteriaId":"E7E0351C-846A-4E4F-A15C-F1D5FF0A8D62"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.18827.20000","matchCriteriaId":"69858942-34BA-4316-B11B-2F6B3655F596"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.10240.21014","matchCriteriaId":"59596E66-63AB-4895-A385-57111ED18743"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8066","matchCriteriaId":"286B3A60-FF95-4391
-8AF0-D46D5AAB6234"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.7314","matchCriteriaId":"63199B82-79B6-461A-AC6D-CD1EE5EBCC80"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.7314","matchCriteriaId":"C7D99F6B-B97B-4010-AA5C-84E9FE50D860"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19044.5854","matchCriteriaId":"87D3BE2A-EF7B-4653-AE64-9F8FE0E12223"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.5854","matchCriteriaId":"6F95690D-5720-4ACD-A378-BC3040E42AF2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22621.5335","matchCriteriaId":"9929270C-5F72-40B8-B36B-073E6D1B00B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.5335","matchCriteriaId":"894FA410-3F24-45CB-B347-3F839CBA8DD8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.4061","matchCriteriaId":"644E96C3-1EA7-48E2-B800-C6ADA2D65FCD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*","matchCriteriaId":"5F422A8C-2C4E-42C8-B420-E0728037E15C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8066","matchCriteriaId":"91433700-DB90-4524-8FAE-FF3895C2A45F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019
:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.7314","matchCriteriaId":"1B47EE2B-4081-4D43-8AF7-C8EB11852312"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.3692","matchCriteriaId":"76679D4E-C4EF-4EED-BCDE-79F5AF859576"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1611","matchCriteriaId":"2B9B2720-3733-4C50-85F7-156D781D15B8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.4061","matchCriteriaId":"DAE51E4F-FCFF-4DC0-9B76-861EE20D54A4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30388","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-47162","sourceIdentifier":"secure@microsoft.com","published":"2025-06-10T17:23:26.630","lastModified":"2025-07-09T14:00:13.640","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"El desbordamiento del búfer basado en montón en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*","matchCriteriaId":"40C15EDD-98D4-4D06-BA06-21AE0F33C72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*","matchCriteriaId":"E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*","matchCriteriaId":"FF177984-A906-43FA-BF60-298133FBBD6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*","matchCriteriaId":"6C9D7C93-E8CB-4A8A-BA15-093B03ACC62F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:*:*","matchCriteriaId":"BEA7C196-354E-414A-B0B8-821658C8BFB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47162","source":"secure@mic
rosoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-47164","sourceIdentifier":"secure@microsoft.com","published":"2025-06-10T17:23:31.333","lastModified":"2025-07-09T14:01:20.687","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Use After Free en Microsoft Office permite que un atacante no autorizado ejecute código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*","matchCriteriaId":"40C15EDD-98D4-4D06-BA06-21AE0F33C72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*","matchCriteriaId":"E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*","matchCriteriaId":"FF177984-A906-43FA-BF60-298133FBBD6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*","matchCriteriaId":"6C9D7C93-E8CB-4A8A-BA15-093B03ACC62F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4
E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:*:*","matchCriteriaId":"BEA7C196-354E-414A-B0B8-821658C8BFB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47164","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-47167","sourceIdentifier":"secure@microsoft.com","published":"2025-06-10T17:23:41.107","lastModified":"2025-07-09T14:05:38.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"El acceso a un recurso mediante un tipo incompatible ('confusión de tipos') en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*","matchCriteriaId":"40C15EDD-98D4-4D06-BA06-21AE0F33C72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.18925.20000","matchCriteriaId":"41DBED30-0F7F-4734-A2C4-E81D46D3DEDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*","matchCriteriaId":"E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*","matchCriteriaId":"FF177984-A906-43FA-BF60-298133FBBD6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*","matchCriteriaId":"6C9D7C93-E8CB-4A8A-BA15-093B03ACC62F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:*:*","matchCriteriaId":"BEA7C196-354E-414A-B0B8-821658C8BFB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerabi
lity/CVE-2025-47167","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-47953","sourceIdentifier":"secure@microsoft.com","published":"2025-06-10T17:24:01.917","lastModified":"2025-07-09T13:32:18.977","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Use After Free en Microsoft Office permite que un atacante no autorizado ejecute código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-641"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*","matchCriteriaId":"40C15EDD-98D4-4D06-BA06-21AE0F33C72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*","matchCriteriaId":"E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*","matchCriteriaId":"FF177984-A906-43FA-BF60-298133FBBD6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*","matchCriteriaId":"0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:*:*:
*","matchCriteriaId":"C5DC4F09-BCC3-4714-BF9D-230DF6445DE4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47953","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-49695","sourceIdentifier":"secure@microsoft.com","published":"2025-07-08T17:15:55.697","lastModified":"2025-07-15T16:46:53.947","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Use after free en Microsoft Office permite que un atacante no autorizado ejecute código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F2
6-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49695","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-49696","sourceIdentifier":"secure@microsoft.com","published":"2025-07-08T17:15:55.917","lastModified":"2025-07-15T16:49:12.203","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"La lectura fuera de los límites en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_t
erm_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49696","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-49697","sourceIdentifier":"secure@microsoft.com","published":"2025-07-08T17:15:56.147","lastModified":"2025-07-15T17:03:14.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"El desbordamiento del búfer basado en montón en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"c
riteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.10417.20027","matchCriteriaId":"5D3A6772-F212-4ADF-9E9D-12F83FE12CB6"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49697","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-49702","sourceIdentifier":"secure@microsoft.com","published":"2025-07-08T17:15:57.380","lastModified":"2025-07-16T17:39:15.960","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"El acceso a un recurso mediante un tipo incompatible ('confusión de tipos') en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":tru
e,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49702","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-53732","sourceIdentifier":"secure@microsoft.com","published":"2025-08-12T18:15:43.057","lastModified":"2025-08-15T17:14:24.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"El desbordamiento del búfer basado en montón en Microsoft Office permite que un atacante no autorizado ejecute código 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*","versionEndExcluding":"16.0.14326.22618","matchCriteriaId":"61108CED-2EB0-4CA4-BA2C-4C8526F1C95B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19127.20000","matchCriteriaId":"65CE678D-5797-401B-991D-928994D1412F"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53732","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-53766","sourceIdentifier":"secure@microsoft.com","published":"2025-08-12T18:15:45.400","lastModified":"2025-08-14T17:11:06.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network."},{"lang":"es","value":"El desbordamiento del búfer basado en montón en Windows GDI+ permite que un atacante no autorizado ejecute código a través de una 
red."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*","versionEndExcluding":"16.0.14326.22618","matchCriteriaId":"61108CED-2EB0-4CA4-BA2C-4C8526F1C95B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19127.20000","matchCriteriaId":"65CE678D-5797-401B-991D-928994D1412F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.10240.21100","matchCriteriaId":"29F441C0-F0F8-463F-B141-6A33EBA06B1D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.10240.21100","matchCriteriaId":"5C7C5886-496D-4CBA-956A-A097AC7535D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.8330","matchCriteriaId":"4E2D87DA-8EFF-4BB0-B025-A13C3F523BD1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.8330","matchCriteriaId":"C28DF998-E700-4675-9737-40A53288F54C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.7678","matchCriteriaId":"3A513AB8-ED03-4BCF-8077-09A117254263"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:wi
ndows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.7678","matchCriteriaId":"47A8837D-AB4B-465B-8D1C-B89B4EDDBDD4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19044.6216","matchCriteriaId":"77A19D12-C137-4E01-AF99-E1E7BBC9F0C3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.6216","matchCriteriaId":"44D27317-F93F-418E-8EC6-9BD1256677C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22621.5768","matchCriteriaId":"B07546D0-ED2A-4B93-83E7-EA808DC39724"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.5768","matchCriteriaId":"49E4DFC9-7EB4-4577-83C0-D1E94C2A8D97"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.4851","matchCriteriaId":"6376F067-CC36-4A7B-914B-0A60EFF1AC48"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*","matchCriteriaId":"2127D10C-B6F3-4C1D-B9AA-5D78513CC996"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8330","matchCriteriaId":"CD31CC61-6C1C-4232-87D7-E5B4FEBB1276"},{"vulnerable":true,"criteria"
:"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.7678","matchCriteriaId":"D224ABEA-CCE3-4D7D-86B5-5BEDBF83303B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.3989","matchCriteriaId":"F752199D-6C01-4D8E-BD6C-3031E5CAED20"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1791","matchCriteriaId":"94E45649-92F4-4D4C-9D94-275506530222"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.4851","matchCriteriaId":"B75BE97E-C12D-4DFB-B5F2-B8BF90C3E64E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53766","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-53799","sourceIdentifier":"secure@microsoft.com","published":"2025-09-09T17:15:50.010","lastModified":"2025-10-02T18:50:42.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information 
locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19220.20000","matchCriteriaId":"33867894-D461-4F5C-94BA-0FB19CF757CE"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.10240.21128","matchCriteriaId":"3C02B817-7D1B-4E29-B9D4-4858F5B870F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.10240.21128","matchCriteriaId":"6F5077FC-74E8-4534-9E8E-68BB5DC4C331"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.8422","matchCriteriaId":"CCF6CD9B-8B61-4998-8AB1-98022B96627C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.8422","matchCriteriaId":"B959975A-0845-4975-987B-33BCE5C5F1BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.7792","matchCriteriaId":"DAD249FB-512C-4712-A54C-67283AB359A4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.7792","matchCriteriaId":"01360CEA-14B5-4566-84ED-D785BD98C78D"},{"vulnerable":true,"criteria":"cpe:2.3:o:micros
oft:windows_10_21h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19044.6332","matchCriteriaId":"7A6EFA39-1D7C-4663-A412-AA6802FB27E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.6332","matchCriteriaId":"45F6F341-FC2F-4629-8259-C5F8CC8E2EB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22621.5909","matchCriteriaId":"86480500-CDA6-4F8F-9B8C-F3FC77B15F67"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.5909","matchCriteriaId":"0A6C6080-3904-45F2-897E-F6583DB4A70A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.6508","matchCriteriaId":"6E1B4513-36E7-4DCD-96B3-A56184D37C87"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*","matchCriteriaId":"2127D10C-B6F3-4C1D-B9AA-5D78513CC996"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8422","matchCriteriaId":"705F2D9A-DBA3-45A9-B11E-EBE1E98E43E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.7792","matchCriteriaId":"07163682-D393-40AF-BEDD-CDD996C941ED"},{"vulnerable":true,"c
riteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.4106","matchCriteriaId":"DFE7D988-2ABE-4833-AFEB-90926E10B8EB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1849","matchCriteriaId":"986B3446-8F5A-4D4C-A240-7052ED135E5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.6508","matchCriteriaId":"B7DF196D-36BE-4A48-844E-E1D8405A9E1A"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53799","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-59227","sourceIdentifier":"secure@microsoft.com","published":"2025-10-14T17:16:03.550","lastModified":"2025-10-16T20:16:06.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code 
locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19328.20000","matchCriteriaId":"B4E72526-9EED-417A-9154-0E91104E48A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83
-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59227","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-59234","sourceIdentifier":"secure@microsoft.com","published":"2025-10-14T17:16:05.013","lastModified":"2025-10-28T20:23:04.250","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code 
locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19328.20000","matchCriteriaId":"B4E72526-9EED-417A-9154-0E91104E48A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83
-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59234","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-60724","sourceIdentifier":"secure@microsoft.com","published":"2025-11-11T18:15:41.060","lastModified":"2025-11-17T17:40:24.140","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a 
network."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19426.20044","matchCriteriaId":"BFBC41B3-9D2A-4D18-B3CB-D2B4186F9B22"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.8594","matchCriteriaId":"7BB42F69-3A99-4057-8C66-870B6ABFCED2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.8594","matchCriteriaId":"19D83039-82E6-420D-95EA-3D3B1BA37ED8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"16F25469-D606-4A71-9A94-C10E1D08B231"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"1A6A1513-48D5-4D4D-97F1-BFDAE4DC9396"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:
*","versionEndExcluding":"10.0.19044.6575","matchCriteriaId":"EB5C0945-7EA1-4874-98E7-4234D85E0C0D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.6575","matchCriteriaId":"655C5458-E6FB-408D-BCB4-0D28F8283D55"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.6199","matchCriteriaId":"0752A377-F96A-4B2F-B542-A9A9665AB913"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.7092","matchCriteriaId":"4345F25E-DF90-4CB2-B310-F82E08502815"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26200.7092","matchCriteriaId":"5A547AA3-FC6B-46D9-8D22-995C3CA33140"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*","matchCriteriaId":"2127D10C-B6F3-4C1D-B9AA-5D78513CC996"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8594","matchCriteriaId":"BD73B71D-FB6A-4B0E-80F5-9F6A06FC93A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"970E52EF-A858-4132-9D8C-4B31E169002C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:wind
ows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.4346","matchCriteriaId":"5791ADD5-7D67-4659-9DA2-09337A1D82C1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1965","matchCriteriaId":"256174B8-134D-44F5-9497-408AC51DE5DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.7092","matchCriteriaId":"69424DAF-E9EA-4B50-80EC-5BAA97DEB772"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60724","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-62199","sourceIdentifier":"secure@microsoft.com","published":"2025-11-11T18:15:43.013","lastModified":"2025-11-19T15:15:49.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:
*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19426.20044","matchCriteriaId":"BFBC41B3-9D2A-4D18-B3CB-D2B4186F9B22"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62199","source":"secure@microsoft.com","tags":["Vendor 
Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-62199-detect-microsoft-office-rce-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-62199-mitigate-microsoft-office-rce-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-62554","sourceIdentifier":"secure@microsoft.com","published":"2025-12-09T18:16:00.620","lastModified":"2025-12-10T18:37:25.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","mat
chCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62554","source":"secure@microsoft.com","tags":["Vendor 
Advisory"]}]}},{"cve":{"id":"CVE-2025-62557","sourceIdentifier":"secure@microsoft.com","published":"2025-12-09T18:16:01.127","lastModified":"2025-12-10T15:41:46.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:-:*:*:*:*:android:*:*","matchCriteriaId":"DD6ED53F-7197-439D-A458-0DF13E16AE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criter
ia":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62557","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-71066","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-01-13T16:16:05.960","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe 
vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i < oldbands; i++) {\n              if (i >= q->nstrict && q->classes[i].qdisc->q.qlen)\n                      list_del_init(&q->classes[i].alist);\n              qdisc_purge_queue(q->classes[i].qdisc);\n      }\n\n      WRITE_ONCE(q->nbands, nbands);\n      for (i = nstrict; i < q->nstrict; i++) {\n              if (q->classes[i].qdisc->q.qlen) {\n\t\t      // (2) the class is added to the q->active\n                      list_add_tail(&q->classes[i].alist, &q->active);\n                      q->classes[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q->nstrict, nstrict);\n      memcpy(q->prio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i < q->nbands; i++)\n              WRITE_ONCE(q->classes[i].quantum, quanta[i]);\n\n      for (i = oldbands; i < q->nbands; i++) {\n              q->classes[i].qdisc = queues[i];\n              if (q->classes[i].qdisc != &noop_qdisc)\n                      qdisc_hash_add(q->classes[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q->nbands; i < oldbands; i++) {\n\t      // (4) we're reducing the refcount for our class's qdisc and\n\t      //  freeing it\n              qdisc_put(q->classes[i].qdisc);\n\t      
// (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q->classes[i].qdisc = NULL;\n              WRITE_ONCE(q->classes[i].quantum, 0);\n              q->classes[i].deficit = 0;\n              gnet_stats_basic_sync_init(&q->classes[i].bstats);\n              memset(&q->classes[i].qstats, 0, sizeof(q->classes[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2>/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2>/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  >/dev/null 2>&1 &\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---"},{"lang":"es","value":"En 
el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nnet/sched: ets: Siempre eliminar la clase de la lista activa antes de eliminar en ets_qdisc_change\n\nzdi-disclosures@trendmicro.com dice:\n\nLa vulnerabilidad es una condición de carrera entre 'ets_qdisc_dequeue' y\n'ets_qdisc_change'. Conduce a UAF en el objeto 'struct Qdisc'.\nEl atacante requiere la capacidad de crear un nuevo usuario y un espacio de nombres de red\npara activar el error.\nVer mi comentario adicional al final del análisis.\n\nAnálisis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) este bloqueo está evitando que el manejador .change ('ets_qdisc_change')\n      //compita con el manejador .dequeue ('ets_qdisc_dequeue')\n      sch_tree_lock(sch);\n\n      for (i = nbands; i &lt; oldbands; i++) {\n              if (i &gt;= q-&gt;nstrict &amp;&amp; q-&gt;classes[i].qdisc-&gt;q.qlen)\n                      list_del_init(&amp;q-&gt;classes[i].alist);\n              qdisc_purge_queue(q-&gt;classes[i].qdisc);\n      }\n\n      WRITE_ONCE(q-&gt;nbands, nbands);\n      for (i = nstrict; i &lt; q-&gt;nstrict; i++) {\n              if (q-&gt;classes[i].qdisc-&gt;q.qlen) {\n\t\t      // (2) la clase se añade a q-&gt;active\n                      list_add_tail(&amp;q-&gt;classes[i].alist, &amp;q-&gt;active);\n                      q-&gt;classes[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-&gt;nstrict, nstrict);\n      memcpy(q-&gt;prio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i &lt; q-&gt;nbands; i++)\n              WRITE_ONCE(q-&gt;classes[i].quantum, quanta[i]);\n\n      for (i = oldbands; i &lt; q-&gt;nbands; i++) {\n              q-&gt;classes[i].qdisc = queues[i];\n              if (q-&gt;classes[i].qdisc != &amp;noop_qdisc)\n                      qdisc_hash_add(q-&gt;classes[i].qdisc, true);\n      }\n\n      // (3) el qdisc se desbloquea, 
ahora dequeue puede ser llamado en paralelo\n      // al resto del manejador .change\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q->nbands; i < oldbands; i++) {\n\t      // (4) estamos reduciendo el contador de referencias para el qdisc de nuestra clase y\n\t      //  liberándolo\n              qdisc_put(q->classes[i].qdisc);\n\t      // (5) Si llamamos a .dequeue entre (4) y (5), tendremos\n\t      // un UAF fuerte y podremos controlar RIP\n              q->classes[i].qdisc = NULL;\n              WRITE_ONCE(q->classes[i].quantum, 0);\n              q->classes[i].deficit = 0;\n              gnet_stats_basic_sync_init(&q->classes[i].bstats);\n              memset(&q->classes[i].qstats, 0, sizeof(q->classes[i].qstats));\n      }\n      return 0;\n}\n\nComentario:\nEsto sucede porque algunas de las clases tienen sus qdiscs asignados a\nNULL, pero permanecen en la lista activa. Este commit soluciona este problema al siempre\neliminar la clase de la lista activa antes de eliminar y liberar su\nqdisc asociado.\n\nPasos para Reproducir\n(versión recortada de lo que fue enviado por zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2>/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2>/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol 
all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  >/dev/null 2>&1 &\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\nt"}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/062d5d544e564473450d72e6af83077c2b2ff7c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/06bfb66a7c8b45e3fed01351a4b087410ae5ef39","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/45466141da3c98a0c5fa88be0bc14b4b6a4bd75c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/9987cda315c08f63a02423fa2f9a1f6602c861a0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a75d617a4ef08682f5cfaadc01d5141c87e019c9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/c7f6e7cc14df72b997258216e99d897d2df0dbbd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ce052b9402e461a9aded599f5b47e76bc727f7de","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}},{"cve":{"id":"CVE-2026-24285","sourceIdentifier":"secure@microsoft.com","published":"2026-03-10T18:18:18.370","lastModified":"2026-03-13T19:25:11.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally."},{"lang":"es","value":"Uso después de liberar en Windows Win32K permite a un atacante autorizado elevar privilegios 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20000","matchCriteriaId":"7FD93048-8E0A-4316-BC0E-3182FC19B25D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"5AA53525-2EE3-4815-9EEB-49572C16AFC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"CB112C3D-A9C8-41A3-A3DD-ACB42387D087"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"B2DCF6CD-BA92-4DB2-855E-DE8158AC6B57"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"40D953EB-E3B1-471A-8400-957984A092EB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"35CA4CA1-5EDE-4612-9C17-9AA167F773B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"C18770C8-2B7F-4212-8A4F-1101ABFF4C44"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft
:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"DD070C42-5A71-4D20-B9BA-766565DFC99B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"17DCF9E0-A09A-48A3-B281-D22EE76B8062"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"51FF473A-566D-45FB-868D-03F3907E094A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"5FC02001-58B6-4EE4-9552-003F2412ED0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.6783","matchCriteriaId":"E8B076BC-42F9-4972-BE73-3874E694CD3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.6783","matchCriteriaId":"6E98A971-B530-4289-B7B2-8403BD2DAD07"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.7979","matchCriteriaId":"3381C469-C150-4724-8A53-E11794797D9F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.7979","matchCriteriaId":"6F1A77F2-59BC-4F92-81A0-2A4E8981FEFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.7979","matchCriteriaId":"58F3AA3B-9960-48F9-B013-8CF6BA09893C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.7979","matchCriteriaId":"F113DAFC-91E5-42C1-A2C3-B9C9286D240B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windo
ws_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"E31E4CDC-138B-41CF-927A-0528A6F605FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"2DA555D5-4452-4CD0-AB68-BA175C34EC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.4830","matchCriteriaId":"C037CFF5-1294-4724-A28C-42B72A7F0B2E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.2207","matchCriteriaId":"4A3C9232-BEAB-4D6B-B465-4C4643098054"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32463","matchCriteriaId":"04014C9F-24B4-4A7A-B2E1-B80EFB7F6D4E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24285","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-25180","sourceIdentifier":"secure@microsoft.com","published":"2026-03-10T18:18:34.097","lastModified":"2026-03-13T17:40:01.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally."},{"lang":"es","value":"Lectura fuera de límites en el Componente Gráfico de Microsoft permite a un atacante no autorizado divulgar información 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20000","matchCriteriaId":"7FD93048-8E0A-4316-BC0E-3182FC19B25D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"5AA53525-2EE3-4815-9EEB-49572C16AFC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"CB112C3D-A9C8-41A3-A3DD-ACB42387D087"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"B2DCF6CD-BA92-4DB2-855E-DE8158AC6B57"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"40D953EB-E3B1-471A-8400-957984A092EB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"35CA4CA1-5EDE-4612-9C17-9AA167F773B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"C18770C8-2B7F-4212-8A4F-1101ABFF4C44"},{"vulnerable":true,"criteria":"cpe:2.3:o:mic
rosoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7058","matchCriteriaId":"DD070C42-5A71-4D20-B9BA-766565DFC99B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"17DCF9E0-A09A-48A3-B281-D22EE76B8062"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"51FF473A-566D-45FB-868D-03F3907E094A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7058","matchCriteriaId":"5FC02001-58B6-4EE4-9552-003F2412ED0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.6783","matchCriteriaId":"E8B076BC-42F9-4972-BE73-3874E694CD3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.6783","matchCriteriaId":"6E98A971-B530-4289-B7B2-8403BD2DAD07"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.7979","matchCriteriaId":"3381C469-C150-4724-8A53-E11794797D9F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.7979","matchCriteriaId":"6F1A77F2-59BC-4F92-81A0-2A4E8981FEFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.7979","matchCriteriaId":"58F3AA3B-9960-48F9-B013-8CF6BA09893C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.7979","matchCriteriaId":"F113DAFC-91E5-42C1-A2C3-B9C9286D240B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.1719","matchCriteriaId":"30606CC6-21D2-4EAC-B568-DABA2786EC61"},{"vulnerab
le":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.1719","matchCriteriaId":"62E818F7-1053-4CD2-9CCE-EF84D3FA7861"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.8957","matchCriteriaId":"E31E4CDC-138B-41CF-927A-0528A6F605FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8511","matchCriteriaId":"2DA555D5-4452-4CD0-AB68-BA175C34EC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.4830","matchCriteriaId":"C037CFF5-1294-4724-A28C-42B72A7F0B2E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.2207","matchCriteriaId":"4A3C9232-BEAB-4D6B-B465-4C4643098054"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32463","matchCriteriaId":"04014C9F-24B4-4A7A-B2E1-B80EFB7F6D4E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25180","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26110","sourceIdentifier":"secure@microsoft.com","published":"2026-03-10T18:18:39.480","lastModified":"2026-03-13T16:20:04.433","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."},{"lang":"es","value":"Acceso a un recurso usando un tipo 
incompatible (confusión de tipos) en Microsoft Office permite a un atacante no autorizado ejecutar código localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Primary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20000","matchCriteriaId":"7FD93048-8E0A-4316-BC0E-3182FC19B25D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*
:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26110","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26134","sourceIdentifier":"secure@microsoft.com","published":"2026-03-10T18:18:42.803","lastModified":"2026-03-13T17:06:18.123","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally."},{"lang":"es","value":"Desbordamiento de entero o ajuste circular en Microsoft Office permite a un atacante autorizado elevar privilegios 
localmente."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Primary","description":[{"lang":"en","value":"CWE-190"},{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20000","matchCriteriaId":"7FD93048-8E0A-4316-BC0E-3182FC19B25D"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26134","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1471","sourceIdentifier":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","published":"2026-03-11T17:16:54.160","lastModified":"2026-03-12T21:08:22.643","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO (UserInfo endpoint). 
\nWe recommend upgrading to versions 2026.01.4 (or 5.26.22) where the issue is fixed."},{"lang":"es","value":"El almacenamiento en caché excesivo del contexto de autenticación en versiones de Neo4j Enterprise edition anteriores a 2026.01.4 lleva a que los usuarios autenticados hereden el contexto del primer usuario que se autenticó después del reinicio. El problema se limita a ciertas configuraciones no predeterminadas de SSO (punto final UserInfo). Recomendamos actualizar a las versiones 2026.01.4 (o 5.26.22) donde el problema está solucionado."}],"metrics":{"cvssMetricV40":[{"source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:L/U:Clear","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerU
rgency":"CLEAR"}}]},"weaknesses":[{"source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://neo4j.com/security/CVE-2026-1471","source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6"}]}},{"cve":{"id":"CVE-2026-1524","sourceIdentifier":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","published":"2026-03-11T17:16:54.477","lastModified":"2026-03-12T21:08:22.643","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised access under the following conditions:\n\n\nIf a neo4j admin configures two or more OIDC providers AND configures one or more of them to be an authorization provider AND configures one or more of them to be authentication-only, then those that are authentication-only will also provide authorization. This edgecase becomes a security problem only if the authentication-only provider contains groups which have higher privileges than provided by the intended (configured) authorization provider.  \n\nWhen using multiple plugins for authentication and authorisation, prior to the fix the issue could lead to a plugin configured to provide only authentication or authorisation capabilities erroneously providing both capabilities. \n\nWe recommend upgrading to versions 2026.02 (or 5.26.22) where the issue is fixed."},{"lang":"es","value":"Un caso límite en la implementación de SSO en versiones de Neo4j Enterprise edition anteriores a la versión 2026.02 puede llevar a un acceso no autorizado bajo las siguientes condiciones:\n\nSi un administrador de Neo4j configura dos o más proveedores OIDC Y configura uno o más de ellos como proveedor de autorización Y configura uno o más de ellos para ser solo de autenticación, entonces aquellos que son solo de autenticación también proporcionarán autorización. 
Este caso límite se convierte en un problema de seguridad solo si el proveedor solo de autenticación contiene grupos que tienen privilegios más altos que los proporcionados por el proveedor de autorización previsto (configurado).\n\nAl usar múltiples plugins para autenticación y autorización, antes de la corrección, el problema podría llevar a que un plugin configurado para proporcionar solo capacidades de autenticación o autorización proporcionara erróneamente ambas capacidades.\n\nRecomendamos actualizar a las versiones 2026.02 (o 5.26.22) donde el problema está corregido."}],"metrics":{"cvssMetricV40":[{"source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Green","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResp
onseEffort":"MODERATE","providerUrgency":"GREEN"}}]},"weaknesses":[{"source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://neo4j.com/security/CVE-2026-1524","source":"3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6"}]}},{"cve":{"id":"CVE-2026-23246","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-18T11:16:16.570","lastModified":"2026-04-02T15:16:26.923","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration\n\nlink_id is taken from the ML Reconfiguration element (control & 0x000f),\nso it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM_LINKS\n(15) elements, so index 15 is out-of-bounds. Skip subelements with\nlink_id >= IEEE80211_MLD_MAX_NUM_LINKS to avoid a stack out-of-bounds\nwrite."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nwifi: mac80211: verificación de límites de link_id en ieee80211_ml_reconfiguration\n\nlink_id se toma del elemento de reconfiguración ML (control & 0x000f), por lo que puede ser 0..15. link_removal_timeout[] tiene IEEE80211_MLD_MAX_NUM_LINKS (15) elementos, por lo que el índice 15 está fuera de los límites. 
Omitir subelementos con link_id >= IEEE80211_MLD_MAX_NUM_LINKS para evitar una escritura fuera de los límites de la pila."}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"references":[{"url":"https://git.kernel.org/stable/c/162d331d833dc73a3e905a24c44dd33732af1fc5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/650981e718e68005ca2760a6358134b8a98ebea4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/bfde158d5d1322c0c2df398a8d1ccce04943be2e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/d58d71c2167601762351962b9604808d3be94400","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f35ceec54d48e227fa46f8f97fd100a77b8eab15","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}},{"cve":{"id":"CVE-2026-28809","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-03-23T11:16:24.343","lastModified":"2026-04-06T17:17:09.377","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"XML External Entity (XXE) vulnerability in esaml (and its forks) allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages.\n\nesaml parses attacker-controlled SAML messages using xmerl_scan:string/2 before signature verification without disabling XML entity expansion. 
On Erlang/OTP versions before 27, Xmerl allows entities by default, enabling pre-signature XXE attacks. An attacker can cause the host to read local files (e.g., Kubernetes-mounted secrets) into the SAML document. If the attacker is not a trusted SAML SP, signature verification will fail and the document is discarded, but file contents may still be exposed through logs or error messages.\n\nThis issue affects all versions of esaml, including forks by arekinath, handnot2, and dropbox. Users running on Erlang/OTP 27 or later are not affected due to Xmerl defaulting to entities disabled."},{"lang":"es","value":"La vulnerabilidad de Entidad Externa XML (XXE) en esaml (y sus bifurcaciones) permite a un atacante hacer que el sistema lea archivos locales e incorpore su contenido en documentos SAML procesados, y potencialmente realizar SSRF a través de mensajes SAML manipulados.\n\nesaml analiza mensajes SAML controlados por el atacante utilizando xmerl_scan:string/2 antes de la verificación de firma sin deshabilitar la expansión de entidades XML. En versiones de Erlang/OTP anteriores a la 27, Xmerl permite entidades por defecto, lo que habilita ataques XXE previos a la firma. Un atacante puede hacer que el host lea archivos locales (por ejemplo, secretos montados en Kubernetes) en el documento SAML. Si el atacante no es un SP SAML de confianza, la verificación de firma fallará y el documento será descartado, pero el contenido del archivo aún puede quedar expuesto a través de registros o mensajes de error.\n\nEste problema afecta a todas las versiones de esaml, incluyendo las bifurcaciones de arekinath, handnot2 y dropbox. 
Los usuarios que ejecutan Erlang/OTP 27 o posterior no se ven afectados debido a que Xmerl deshabilita las entidades por defecto."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-28809.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/Jump-App/esaml/commit/bab85efde7c136911402a881ca55173759467a26","source":"6b3ad84c-e1a6-4bf
7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-28809","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-4698","sourceIdentifier":"security@mozilla.org","published":"2026-03-24T13:16:05.783","lastModified":"2026-04-13T15:17:39.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9."},{"lang":"es","value":"Miscompilación JIT en el motor JavaScript: Componente JIT. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149 y Thunderbird < 140.9."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-843"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"crite
ria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"115.34.0","matchCriteriaId":"063BE653-69B0-4543-9A90-BC7A62C943B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"149.0","matchCriteriaId":"02F2B82F-E997-4D5F-BBB0-237E4962555B"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionStartIncluding":"128.0","versionEndExcluding":"140.9.0","matchCriteriaId":"525DEC0C-BB47-46C6-9AEB-98F27D4685FE"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020906","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","source":"security@mozilla.org"},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","source":"security@mozilla.org"}]}},{"cve":{"id":"CVE-2026-32145","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-04-02T11:16:21.870","lastModified":"2026-04-06T17:17:09.707","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp wisp allows a denial of service via multipart form body parsing.\n\nThe multipart_body function bypasses configured max_body_size and max_files_size limits. When a multipart boundary is not present in a chunk, the parser takes the MoreRequiredForBody path, which appends the chunk to the output but passes the quota unchanged to the recursive call. Only the final chunk containing the boundary is counted via decrement_quota. 
The same pattern exists in multipart_headers, where MoreRequiredForHeaders recurses without calling decrement_body_quota.\n\nAn unauthenticated attacker can exhaust server memory or disk by sending arbitrarily large multipart form submissions in a single HTTP request.\n\nThis issue affects wisp: from 0.2.0 before 2.2.2."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://cna.erlef.org/cves/
CVE-2026-32145.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/gleam-wisp/wisp/commit/7a978748e12ab29db232c222254465890e1a4a90","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/gleam-wisp/wisp/security/advisories/GHSA-8645-p2v4-73r2","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-32145","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-40170","sourceIdentifier":"security-advisories@github.com","published":"2026-04-16T22:16:38.220","lastModified":"2026-05-21T19:35:19.783","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport parameters during the QUIC handshake to cause writes beyond the buffer boundary, resulting in a stack buffer overflow. This affects deployments that enable the qlog callback and process untrusted peer transport parameters. This issue has been fixed in version 1.22.1. 
If developers are unable to immediately upgrade, they can disable the qlog on client."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nghttp2:ngtcp2:*:*:*:*:*:*:*:*","versionEndExcluding":"1.22.1","matchCriteriaId":"05E95440-88C8-4ABB-ACCC-29D9812579C9"}]}]}],"references":[{"url":"https://github.com/ngtcp2/ngtcp2/commit/708a7640c1f48fb8ffb540c4b8ea5b4c1dfb8ee5","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ngtcp2/ngtcp2/security/advisories/GHSA-f523-465f-8c8f","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/17/12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Patch","Third Party Advisory","Mitigation"]},{"url":"https://github.com/ngtcp2/ngtcp2/security/advisories/GHSA-f523-465f-8c8f","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-32688","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-04-27T14:16:47.340","lastModified":"2026-04-27T18:57:20.293","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Allocation of Resources Without Limits or Throttling vulnerability in elixir-plug 
plug_cowboy allows unauthenticated remote denial of service via atom table exhaustion.\n\nPlug.Cowboy.Conn.conn/1 in lib/plug/cowboy/conn.ex calls String.to_atom/1 on the value returned by :cowboy_req.scheme/1. For HTTP/2 connections, cowlib passes the client-supplied :scheme pseudo-header value through verbatim without validation. Each unique value permanently allocates a new entry in the BEAM atom table. Since atoms are never garbage-collected and the atom table has a fixed limit (default 1,048,576), an unauthenticated attacker can exhaust the table by sending HTTP/2 requests with unique :scheme values, causing the Erlang VM to abort with system_limit and taking down the entire node.\n\nThis vulnerability does not affect HTTP/1.1, where cowboy derives the scheme from the listener type rather than from a client-supplied header.\n\nThis issue affects plug_cowboy: from 2.0.0 before 2.8.1."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnInt
egrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-32688.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/elixir-plug/plug_cowboy/commit/bfb34cb45eb354e56437f7023fb306de1bf9c19b","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/elixir-plug/plug_cowboy/security/advisories/GHSA-q8x4-x7mp-5vg2","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-32688","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-43073","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-05T16:16:16.650","lastModified":"2026-05-06T13:08:07.970","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86-64: rename misleadingly named '__copy_user_nocache()' function\n\nThis function was a masterclass in bad naming, for various historical\nreasons.\n\nIt claimed to be a non-cached user copy.  It is literally _neither_ of\nthose things.  
It's a specialty memory copy routine that uses\nnon-temporal stores for the destination (but not the source), and that\ndoes exception handling for both source and destination accesses.\n\nAlso note that while it works for unaligned targets, any unaligned parts\n(whether at beginning or end) will not use non-temporal stores, since\nonly words and quadwords can be non-temporal on x86.\n\nThe exception handling means that it _can_ be used for user space\naccesses, but not on its own - it needs all the normal \"start user space\naccess\" logic around it.\n\nBut typically the user space access would be the source, not the\nnon-temporal destination.  That was the original intention of this,\nwhere the destination was some fragile persistent memory target that\nneeded non-temporal stores in order to catch machine check exceptions\nsynchronously and deal with them gracefully.\n\nThus that non-descriptive name: one use case was to copy from user space\ninto a non-cached kernel buffer.  However, the existing users are a mix\nof that intended use-case, and a couple of random drivers that just did\nthis as a performance tweak.\n\nSome of those random drivers then actively misused the user copying\nversion (with STAC/CLAC and all) to do kernel copies without ever even\ncaring about the exception handling, _just_ for the non-temporal\ndestination.\n\nRename it as a first small step to actually make it halfway sane, and\nchange the prototype to be more normal: it doesn't take a user pointer\nunless the caller has done the proper conversion, and the argument size\nis the full size_t (it still won't actually copy more than 4GB in one\ngo, but there's also no reason to silently truncate the size argument in\nthe caller).\n\nFinally, use this now sanely named function in the NTB code, which\nmis-used a user copy version (with STAC/CLAC and all) of this interface\ndespite it not actually being a user copy at 
all."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/14b9194db4a28421a4dbe5d6e519efbaa7c5f3cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/c6d4e0599e7e73abc04e2488dfeb7940c4039660","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/d187a86de793f84766ea40b9ade7ac60aabbb4fe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/d993e1723aa2a085aa0d72e70ea889031fc225b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/efea91ad1729ff1853d7418e4d3bc27d085e72d0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}},{"cve":{"id":"CVE-2026-42793","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-05-08T16:16:12.550","lastModified":"2026-05-13T15:57:03.607","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled GraphQL SDL.\n\nMultiple Blueprint.Draft.convert/2 implementations in Absinthe's SDL language modules call String.to_atom/1 on attacker-controlled names from parsed GraphQL SDL documents, including directive names, field names, type names, and argument names. Because atoms are never garbage-collected and the BEAM atom table has a fixed limit (default 1,048,576), each unique name permanently consumes one slot. 
An attacker can exhaust the atom table by submitting SDL documents containing enough unique names, causing the Erlang VM to abort with system_limit and taking down the entire node.\n\nAny application that passes attacker-controlled GraphQL SDL through Absinthe's parser is exposed — for example, a schema-upload endpoint, a federation gateway that ingests remote SDL, or any developer tool that runs the parser over user-supplied documents.\n\nThis issue affects absinthe: from 1.5.0 before 1.10.2."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"
weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-42793.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/absinthe-graphql/absinthe/commit/dd842b938e3823f345c10416914ffab5d5536838","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/absinthe-graphql/absinthe/security/advisories/GHSA-qf4g-9fqq-mmm7","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-42793","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-43967","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-05-08T16:16:12.910","lastModified":"2026-05-13T15:57:03.607","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation.\n\n'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over all fragments and for each one calls duplicate?/2, which evaluates Enum.count(fragments, &(&1.name == name)) — a full linear scan of the fragment list. The result is O(N²) comparisons per document, where N is the number of fragment definitions supplied by the caller.\n\nBecause input.fragments is built directly from the GraphQL query body, N is fully attacker-controlled. A minimum-size fragment definition is roughly 16 bytes, so a ~1 MB document carries ~60,000 fragments and forces ~3.6 × 10⁹ comparisons inside this single validation phase. 
No authentication, schema knowledge, or special configuration is required.\n\nThis issue affects absinthe: from 1.2.0 before 1.10.2."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-407"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-43967.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/absinthe-graphql/absinthe/commit/223600c520493dcaf95080af552c413099f92c9d","source":"6b3ad84
c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/absinthe-graphql/absinthe/security/advisories/GHSA-9mhv-8h52-q7q2","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-43967","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-7790","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-05-11T19:16:29.477","lastModified":"2026-05-13T15:57:03.607","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Uncontrolled Resource Consumption vulnerability in ninenines cowlib (cow_http_te module) allows Excessive Allocation.\n\nThe chunked transfer-encoding parser in cow_http_te accepts an unbounded number of hex digits in the chunk-size field. Each digit causes a bignum multiplication (Len * 16 + digit), so parsing N hex digits requires O(N²) CPU work and O(N) memory. Additionally, when input is drip-fed, the parser discards the accumulated length on each partial read and restarts from zero on resumption, raising the cost to O(N³). 
An unauthenticated remote attacker can exploit this by sending an HTTP/1.1 request with Transfer-Encoding: chunked and a very long chunk-size hex string to cause denial of service through CPU exhaustion and memory amplification.\n\nThis vulnerability is associated with program file src/cow_http_te.erl and program routines cow_http_te:stream_chunked/2, cow_http_te:chunked_len/4.\n\nThis issue affects cowlib: from 0.6.0 before 2.16.1."}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","ty
pe":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-7790.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/ninenines/cowlib/commit/a4b8039ce8c93ab00867ef6b7e888822c09f4369","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-7790","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-28847","sourceIdentifier":"product-security@apple.com","published":"2026-05-11T21:18:51.507","lastModified":"2026-05-14T14:32:50.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"F3968B76-E6DE-416D-A0FB-E4833FFAAE0F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"20644D7E-2AB6-48CA-AED4-C474A9867986"},{"v
ulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"B6431EAF-B395-4C19-9AB6-A2F45991C897"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"1BE54A3B-D667-43BA-AB71-BCF8438054E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"6CB91417-90A8-4A9B-A1D0-1D94B80EF837"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"176C47FD-FA25-437B-9061-A81CAA367AEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"C8F45D80-0DF8-444E-9AF1-703A1075F046"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"057B244F-5485-4108-8E23-FE15F5256EE7"}]}]}],"references":[{"url":"https://support.apple.com/en-us/127110","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127111","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127115","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127118","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127119","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127120","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127121","source":"product-security@apple.com","tags":["Release Notes","Vendor 
Advisory"]}]}},{"cve":{"id":"CVE-2026-28940","sourceIdentifier":"product-security@apple.com","published":"2026-05-11T21:18:55.223","lastModified":"2026-05-13T14:08:47.003","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"F3968B76-E6DE-416D-A0FB-E4833FFAAE0F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"20644D7E-2AB6-48CA-AED4-C474A9867986"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"B6431EAF-B395-4C19-9AB6-A2F45991C897"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"1BE54A3B-D667-43BA-AB71-BCF8438054E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"1
5.0","versionEndExcluding":"15.7.7","matchCriteriaId":"2984C440-3DC2-413A-B5FA-1FAB21078DB8"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"6CB91417-90A8-4A9B-A1D0-1D94B80EF837"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"176C47FD-FA25-437B-9061-A81CAA367AEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"C8F45D80-0DF8-444E-9AF1-703A1075F046"}]}]}],"references":[{"url":"https://support.apple.com/en-us/127110","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127111","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127115","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127116","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127118","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127120","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-28955","sourceIdentifier":"product-security@apple.com","published":"2026-05-11T21:18:56.570","lastModified":"2026-05-13T21:16:44.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. 
Processing maliciously crafted web content may lead to an unexpected process crash."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"F3968B76-E6DE-416D-A0FB-E4833FFAAE0F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"20644D7E-2AB6-48CA-AED4-C474A9867986"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"18.7.9","matchCriteriaId":"B6431EAF-B395-4C19-9AB6-A2F45991C897"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"1BE54A3B-D667-43BA-AB71-BCF8438054E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5","matchCriteriaId":"6CB91417-90A8-4A9B-A1D0-1D94B80EF837"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"176C47FD-FA25-437B-9061-A81CAA367AEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"C8F45D80-0DF8-444E-9AF1-703A1075F046"},{"vulnerable":true,"cr
iteria":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"26.5","matchCriteriaId":"057B244F-5485-4108-8E23-FE15F5256EE7"}]}]}],"references":[{"url":"https://support.apple.com/en-us/127110","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127111","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127115","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127118","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127119","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127120","source":"product-security@apple.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.apple.com/en-us/127121","source":"product-security@apple.com"}]}},{"cve":{"id":"CVE-2026-40363","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:17:15.217","lastModified":"2026-05-19T18:05:10.807","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code 
locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20190","matchCriteriaId":"D6226193-F09C-4C63-8020-E13666AED43D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*","matchCriteriaId":"72324216-4EB3-4243-A007-FEF3133C7DF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*","matchCriteriaId":"0FBB0E61-7997-4F26-9C07-54912D3F1C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*","matchCriteriaId":"CF5DDD09-902E-4881-98D0-CB896333B4AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*","matchCriteriaId":"26A3B226-5D7C-4556-9350-5222DC8EFC2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*","matchCriteriaId":"851BAC4E-9965-4F40-9A6C-B73D9004F4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*","matchCriteriaId":"23B2FA23-76F4-4D83-A718-B8
D04D7EA37B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*","matchCriteriaId":"D31E509A-0B2E-4B41-88C4-0099E800AFE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*","matchCriteriaId":"017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*","matchCriteriaId":"EF3E56B5-E6A6-4061-9380-D421E52B9199"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40363","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42831","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:17:25.673","lastModified":"2026-05-19T18:38:59.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code 
locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*","versionEndExcluding":"16.0.19822.20190","matchCriteriaId":"D6226193-F09C-4C63-8020-E13666AED43D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:macos:*:*","matchCriteriaId":"873BD998-9D5A-4C09-A3B3-4DB12ABB6F72"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*","matchCriteriaId":"BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42831","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-24218","sourceIdentifier":"psirt@nvidia.com","published":"2026-05-20T20:16:36.620","lastModified":"2026-05-21T15:26:35.653","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where  the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. 
A successful exploit of this vulnerability might lead to code execution, data tampering, escalation of privileges, information disclosure, and denial of service."}],"metrics":{"cvssMetricV31":[{"source":"psirt@nvidia.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@nvidia.com","type":"Primary","description":[{"lang":"en","value":"CWE-321"}]}],"references":[{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24218","source":"psirt@nvidia.com"},{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5835","source":"psirt@nvidia.com"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-24218","source":"psirt@nvidia.com"}]}},{"cve":{"id":"CVE-2026-5433","sourceIdentifier":"psirt@honeywell.com","published":"2026-05-21T09:16:30.270","lastModified":"2026-05-21T15:26:35.653","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Honeywell Control\nNetwork Module (CNM) contains command injection vulnerability\nin the web interface. 
An attacker could exploit this vulnerability via command\ndelimiters, potentially resulting in Remote Code Execution (RCE)."}],"metrics":{"cvssMetricV31":[{"source":"psirt@honeywell.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}]},"references":[{"url":"https://process.honeywell.com/","source":"psirt@honeywell.com"}]}},{"cve":{"id":"CVE-2026-5434","sourceIdentifier":"psirt@honeywell.com","published":"2026-05-21T09:16:30.410","lastModified":"2026-05-21T15:26:35.653","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Honeywell Control\nNetwork Module (CNM) contains\ninsertion of sensitive information into an unintended directory. 
An attacker could exploit this vulnerability through probing\nsystem files, potentially resulting in unintended\naccess to protected data."}],"metrics":{"cvssMetricV31":[{"source":"psirt@honeywell.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@honeywell.com","type":"Secondary","description":[{"lang":"en","value":"CWE-538"}]}],"references":[{"url":"https://process.honeywell.com/","source":"psirt@honeywell.com"}]}},{"cve":{"id":"CVE-2025-71210","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:43.540","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.\r\n\r\nPlease note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. 
The SaaS versions of the product have already been mitigated and no customer action required.\r\n\r\nFor this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console's IP address exposed externally should consider mitigating factors such as source restrictions if not already applied."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0022458","source":"security@trendmicro.com"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-136/","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2025-71211","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:43.663","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. \r\n\r\nPlease note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. 
The SaaS versions of the product have already been mitigated and no customer action required.\r\n\r\nFor this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console's IP address exposed externally should consider mitigating factors such as source restrictions if not already applied."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0022458","source":"security@trendmicro.com"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-137/","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2025-71212","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:43.777","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this 
vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0022458","source":"security@trendmicro.com"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-138/","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2025-71213","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:43.897","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this 
vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0022458","source":"security@trendmicro.com"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-140/","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2026-34927","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:45.333","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this 
vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0023430","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2026-34928","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:45.463","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. 
This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0023430","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2026-34929","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:45.590","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. 
This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0023430","source":"security@trendmicro.com"}]}},{"cve":{"id":"CVE-2026-34930","sourceIdentifier":"security@trendmicro.com","published":"2026-05-21T14:16:45.710","lastModified":"2026-05-21T15:05:28.023","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. 
This is similar to CVE-2026-34927 but exists in a different process protection mechanism.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."}],"metrics":{"cvssMetricV31":[{"source":"security@trendmicro.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://success.trendmicro.com/en-US/solution/KA-0023430","source":"security@trendmicro.com"}]}}]}