Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-3786 (GCVE-0-2022-3786)
Vulnerability from cvelistv5 – Published: 2022-11-01 00:00 – Updated: 2026-04-14 08:58
VLAI
EPSS
Title
X.509 Email Address Variable Length Buffer Overflow
Summary
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Severity
No CVSS data available.
CWE
- Buffer overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.openssl.org/news/secadv/20221101.txt | vendor-advisory |
| https://git.openssl.org/gitweb/?p=openssl.git;a=c… | patch |
Impacted products
Date Public
2022-11-01 00:00
Credits
Viktor Dukhovni
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:13:08.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"name": "3.0.7 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html"
},
{
"url": "https://www.kb.cert.org/vuls/id/794340"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-3786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:26:54.639858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:12:38.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "Calibre ICE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2023.1",
"status": "affected",
"version": "V2022.4",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mcenter",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.3.0",
"status": "affected",
"version": "V5.2.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA (HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2.8",
"status": "affected",
"version": "V3.2.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA (PRP)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2.8",
"status": "affected",
"version": "V3.2.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2.8",
"status": "affected",
"version": "V3.2.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (PRP)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2.8",
"status": "affected",
"version": "V3.2.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (PRP/HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2.8",
"status": "affected",
"version": "V3.2.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SICAM GridPass",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.20",
"status": "affected",
"version": "V1.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.13.0.3",
"status": "affected",
"version": "V2.13.0.0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T08:58:03.787Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-408105.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.0.7",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2022-11-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\u003c/p\u003e"
}
],
"value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n"
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "HIGH"
},
"type": "https://www.openssl.org/policies/secpolicy.html#high"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T07:28:32.835Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"name": "3.0.7 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "X.509 Email Address Variable Length Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev",
"importer": "vulnxml2json5.py 2022-11-04 07:19:07.034873"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-3786",
"datePublished": "2022-11-01T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2026-04-14T08:58:03.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-3786",
"date": "2026-05-25",
"epss": "0.27298",
"percentile": "0.96475"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-3786\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2022-11-01T18:15:11.047\",\"lastModified\":\"2026-04-14T10:16:26.147\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Puede activarse una saturaci\u00f3n del b\u00fafer en la verificaci\u00f3n del certificado X.509, espec\u00edficamente en la verificaci\u00f3n de restricciones del nombre. Tenga en cuenta que esto ocurre despu\u00e9s de la verificaci\u00f3n de la firma de la cadena de certificados y requiere que una CA haya firmado un certificado malicioso o que la aplicaci\u00f3n contin\u00fae con la verificaci\u00f3n del certificado a pesar de no poder construir una ruta hacia un emisor confiable. Un atacante puede crear una direcci\u00f3n de correo electr\u00f3nico maliciosa en un certificado para desbordar una cantidad arbitraria de bytes que contengan el car\u00e1cter \\\".\\\" (decimal 46) en la pila de memoria. Este desbordamiento del b\u00fafer podr\u00eda provocar un bloqueo (provocando una denegaci\u00f3n de servicio). En un cliente TLS, esto se puede desencadenar conect\u00e1ndose a un servidor malicioso. En un servidor TLS, esto puede activarse si el servidor solicita la autenticaci\u00f3n del cliente y se conecta un cliente malicioso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.7\",\"matchCriteriaId\":\"BE1F59CA-02F2-4374-A129-18713496B58B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.11.0\",\"matchCriteriaId\":\"CAC42CA8-8B01-4A19-A83C-A7D4D08E5E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:18.12.0:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"7B1F87EE-4E30-4832-BF01-8501E94380EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:19.0.0:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"F568BBC5-0D8E-499C-9F3E-DDCE5F10F9D5\"}]}]}],\"references\":[{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20221101.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/794340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20221101.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-408105.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20221101.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a\", \"name\": \"3.0.7 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/794340\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T19:13:08.687Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-3786\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:26:54.639858Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:07:54.435Z\"}}], \"cna\": {\"title\": \"X.509 Email Address Variable Length Buffer Overflow\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Viktor Dukhovni\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html#high\", \"content\": {\"text\": \"HIGH\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.7\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2022-11-01T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20221101.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a\", \"name\": \"3.0.7 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\", \"importer\": \"vulnxml2json5.py 2022-11-04 07:19:07.034873\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Buffer overflow\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2022-11-04T07:28:32.835Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-3786\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T19:13:08.687Z\", \"dateReserved\": \"2022-11-01T00:00:00.000Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2022-11-01T00:00:00.000Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-1057
Vulnerability from certfr_avis - Published: 2025-12-02 - Updated: 2025-12-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 16.x antérieures à 16.11.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 14.x antérieures à 14.20.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 17.x antérieures à 17.7.0 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.1 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 18.x antérieures à 18.1.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 15.x antérieures à 15.15.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 13.x antérieures à 13.23.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.11.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 14.x ant\u00e9rieures \u00e0 14.20.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.7.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.1.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.15.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 13.x ant\u00e9rieures \u00e0 13.23.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2022-23960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23960"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3629"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3633"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-26878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2022-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3534"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2023-52478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2023-52501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
},
{
"name": "CVE-2023-52519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2023-52582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
},
{
"name": "CVE-2021-47098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2021-47097",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2023-52523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2021-47020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
},
{
"name": "CVE-2021-47017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2021-47071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
},
{
"name": "CVE-2021-47202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
},
{
"name": "CVE-2024-26605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26605"
},
{
"name": "CVE-2024-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26989"
},
{
"name": "CVE-2024-27003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27003"
},
{
"name": "CVE-2024-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26987"
},
{
"name": "CVE-2024-27015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27015"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2024-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26992"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
},
{
"name": "CVE-2021-47197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47197"
},
{
"name": "CVE-2021-47196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47196"
},
{
"name": "CVE-2022-48702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48702"
},
{
"name": "CVE-2022-48701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48701"
},
{
"name": "CVE-2022-48694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48694"
},
{
"name": "CVE-2022-48644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48644"
},
{
"name": "CVE-2021-47217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47217"
},
{
"name": "CVE-2022-48653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48653"
},
{
"name": "CVE-2021-47214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47214"
},
{
"name": "CVE-2022-48672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48672"
},
{
"name": "CVE-2022-48657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48657"
},
{
"name": "CVE-2022-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48652"
},
{
"name": "CVE-2022-48658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48658"
},
{
"name": "CVE-2021-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47210"
},
{
"name": "CVE-2022-48662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48662"
},
{
"name": "CVE-2022-48639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48639"
},
{
"name": "CVE-2023-52646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52646"
},
{
"name": "CVE-2022-48640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48640"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2021-47215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47215"
},
{
"name": "CVE-2021-47074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47074"
},
{
"name": "CVE-2021-47041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47041"
},
{
"name": "CVE-2024-27039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
},
{
"name": "CVE-2022-48704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48704"
},
{
"name": "CVE-2022-48675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48675"
},
{
"name": "CVE-2022-48690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48690"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2022-48637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48637"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2022-48660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48660"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2021-47227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47227"
},
{
"name": "CVE-2021-47237",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47237"
},
{
"name": "CVE-2021-47239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47239"
},
{
"name": "CVE-2021-47250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47250"
},
{
"name": "CVE-2021-47261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47261"
},
{
"name": "CVE-2021-47343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47343"
},
{
"name": "CVE-2021-47360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47360"
},
{
"name": "CVE-2021-47365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47365"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2021-47393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
},
{
"name": "CVE-2021-47398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47398"
},
{
"name": "CVE-2021-47404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47404"
},
{
"name": "CVE-2021-47420",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47420"
},
{
"name": "CVE-2021-47422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47422"
},
{
"name": "CVE-2021-47426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47426"
},
{
"name": "CVE-2021-47428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47428"
},
{
"name": "CVE-2021-47429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47429"
},
{
"name": "CVE-2021-47430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47430"
},
{
"name": "CVE-2021-47438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
},
{
"name": "CVE-2021-47444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47444"
},
{
"name": "CVE-2021-47454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47454"
},
{
"name": "CVE-2021-47457",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47457"
},
{
"name": "CVE-2021-47465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47465"
},
{
"name": "CVE-2021-47481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47481"
},
{
"name": "CVE-2021-47483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47483"
},
{
"name": "CVE-2021-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47490"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2021-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47497"
},
{
"name": "CVE-2021-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47499"
},
{
"name": "CVE-2021-47500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47500"
},
{
"name": "CVE-2021-47505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47505"
},
{
"name": "CVE-2021-47516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47516"
},
{
"name": "CVE-2021-47527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47527"
},
{
"name": "CVE-2021-47536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47536"
},
{
"name": "CVE-2021-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47537"
},
{
"name": "CVE-2021-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
},
{
"name": "CVE-2021-47550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47550"
},
{
"name": "CVE-2021-47559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
},
{
"name": "CVE-2022-48689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48689"
},
{
"name": "CVE-2022-48691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48691"
},
{
"name": "CVE-2022-48705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48705"
},
{
"name": "CVE-2022-48709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48709"
},
{
"name": "CVE-2022-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48710"
},
{
"name": "CVE-2023-52654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
},
{
"name": "CVE-2023-52659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
},
{
"name": "CVE-2023-52661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
},
{
"name": "CVE-2023-52662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
},
{
"name": "CVE-2023-52679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2023-52690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52690"
},
{
"name": "CVE-2023-52698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52698"
},
{
"name": "CVE-2023-52702",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52702"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
},
{
"name": "CVE-2023-52731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52731"
},
{
"name": "CVE-2023-52736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52736"
},
{
"name": "CVE-2023-52739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52739"
},
{
"name": "CVE-2023-52740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52740"
},
{
"name": "CVE-2023-52743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52743"
},
{
"name": "CVE-2023-52744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52744"
},
{
"name": "CVE-2023-52747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52747"
},
{
"name": "CVE-2023-52764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2023-52788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52788"
},
{
"name": "CVE-2023-52791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
},
{
"name": "CVE-2023-52795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52795"
},
{
"name": "CVE-2023-52796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
},
{
"name": "CVE-2023-52803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2023-52814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52814"
},
{
"name": "CVE-2023-52817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
},
{
"name": "CVE-2023-52818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
},
{
"name": "CVE-2023-52833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52833"
},
{
"name": "CVE-2023-52840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
},
{
"name": "CVE-2023-52851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52851"
},
{
"name": "CVE-2023-52854",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
},
{
"name": "CVE-2023-52867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-26838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
},
{
"name": "CVE-2024-35801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
},
{
"name": "CVE-2024-35804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35804"
},
{
"name": "CVE-2024-35860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35860"
},
{
"name": "CVE-2024-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35872"
},
{
"name": "CVE-2024-35901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
},
{
"name": "CVE-2024-35912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
},
{
"name": "CVE-2024-35952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
},
{
"name": "CVE-2024-36926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-52663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-52697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52697"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2024-26674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
},
{
"name": "CVE-2024-26899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
},
{
"name": "CVE-2024-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26990"
},
{
"name": "CVE-2024-27027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
},
{
"name": "CVE-2024-27031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
},
{
"name": "CVE-2024-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27057"
},
{
"name": "CVE-2024-35795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
},
{
"name": "CVE-2024-35810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
},
{
"name": "CVE-2024-35814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
},
{
"name": "CVE-2024-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
},
{
"name": "CVE-2024-35834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35834"
},
{
"name": "CVE-2024-35836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35836"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2024-35891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35891"
},
{
"name": "CVE-2024-35903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35903"
},
{
"name": "CVE-2024-35917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35917"
},
{
"name": "CVE-2024-35927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35927"
},
{
"name": "CVE-2024-35974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35974"
},
{
"name": "CVE-2024-35981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35981"
},
{
"name": "CVE-2024-35991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
},
{
"name": "CVE-2024-36002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
},
{
"name": "CVE-2024-36011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
},
{
"name": "CVE-2024-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
},
{
"name": "CVE-2024-36891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
},
{
"name": "CVE-2024-36930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
},
{
"name": "CVE-2024-36936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
},
{
"name": "CVE-2024-35983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2023-52648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
},
{
"name": "CVE-2023-52649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
},
{
"name": "CVE-2024-26953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
},
{
"name": "CVE-2024-26975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
},
{
"name": "CVE-2024-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
},
{
"name": "CVE-2024-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
},
{
"name": "CVE-2024-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
},
{
"name": "CVE-2024-35787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
},
{
"name": "CVE-2024-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
},
{
"name": "CVE-2024-35831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2021-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
},
{
"name": "CVE-2021-47572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2021-47578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
},
{
"name": "CVE-2021-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
},
{
"name": "CVE-2021-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
},
{
"name": "CVE-2021-47609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
},
{
"name": "CVE-2021-47616",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
},
{
"name": "CVE-2021-47617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
},
{
"name": "CVE-2021-47620",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
},
{
"name": "CVE-2022-48712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
},
{
"name": "CVE-2022-48713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
},
{
"name": "CVE-2022-48714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
},
{
"name": "CVE-2022-48720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
},
{
"name": "CVE-2022-48724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
},
{
"name": "CVE-2022-48725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
},
{
"name": "CVE-2022-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
},
{
"name": "CVE-2022-48728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
},
{
"name": "CVE-2022-48729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
},
{
"name": "CVE-2022-48732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
},
{
"name": "CVE-2022-48745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
},
{
"name": "CVE-2022-48746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
},
{
"name": "CVE-2022-48752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
},
{
"name": "CVE-2022-48760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
},
{
"name": "CVE-2022-48763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
},
{
"name": "CVE-2022-48767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
},
{
"name": "CVE-2022-48768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
},
{
"name": "CVE-2022-48769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
},
{
"name": "CVE-2022-48770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
},
{
"name": "CVE-2023-52787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
},
{
"name": "CVE-2023-52837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
},
{
"name": "CVE-2023-52845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
},
{
"name": "CVE-2023-52846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
},
{
"name": "CVE-2024-35979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
},
{
"name": "CVE-2024-36477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-24859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
},
{
"name": "CVE-2024-26734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
},
{
"name": "CVE-2024-26818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-27012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27012"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-35880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35880"
},
{
"name": "CVE-2024-35892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35892"
},
{
"name": "CVE-2024-35894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35894"
},
{
"name": "CVE-2024-35908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35908"
},
{
"name": "CVE-2024-35913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35913"
},
{
"name": "CVE-2024-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35942"
},
{
"name": "CVE-2024-35957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35957"
},
{
"name": "CVE-2024-35980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35980"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2023-52750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52750"
},
{
"name": "CVE-2023-52782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52782"
},
{
"name": "CVE-2023-52786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52786"
},
{
"name": "CVE-2023-52792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52792"
},
{
"name": "CVE-2023-52794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52794"
},
{
"name": "CVE-2023-52842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52842"
},
{
"name": "CVE-2023-52849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52849"
},
{
"name": "CVE-2023-52866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52866"
},
{
"name": "CVE-2024-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2024-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
},
{
"name": "CVE-2024-36977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
},
{
"name": "CVE-2024-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
},
{
"name": "CVE-2024-38629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38629"
},
{
"name": "CVE-2024-39291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39291"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
},
{
"name": "CVE-2024-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
},
{
"name": "CVE-2024-36932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
},
{
"name": "CVE-2024-36956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
},
{
"name": "CVE-2024-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
},
{
"name": "CVE-2024-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
},
{
"name": "CVE-2024-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2023-52775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
},
{
"name": "CVE-2023-52885",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
},
{
"name": "CVE-2024-26837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
},
{
"name": "CVE-2024-27404",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27404"
},
{
"name": "CVE-2024-39479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39479"
},
{
"name": "CVE-2024-39498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39498"
},
{
"name": "CVE-2024-40923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40923"
},
{
"name": "CVE-2024-40925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40925"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2021-47623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47623"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2022-48778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48778"
},
{
"name": "CVE-2022-48780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48780"
},
{
"name": "CVE-2022-48783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48783"
},
{
"name": "CVE-2022-48784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48784"
},
{
"name": "CVE-2022-48785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48785"
},
{
"name": "CVE-2022-48786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
},
{
"name": "CVE-2022-48787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48787"
},
{
"name": "CVE-2022-48793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48793"
},
{
"name": "CVE-2022-48796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48796"
},
{
"name": "CVE-2022-48797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48797"
},
{
"name": "CVE-2022-48799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
},
{
"name": "CVE-2022-48800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48800"
},
{
"name": "CVE-2022-48801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48801"
},
{
"name": "CVE-2022-48802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48802"
},
{
"name": "CVE-2022-48804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48804"
},
{
"name": "CVE-2022-48806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48806"
},
{
"name": "CVE-2022-48809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48809"
},
{
"name": "CVE-2022-48810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48810"
},
{
"name": "CVE-2022-48812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48812"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2022-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48813"
},
{
"name": "CVE-2022-48815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48815"
},
{
"name": "CVE-2022-48817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48817"
},
{
"name": "CVE-2022-48818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48818"
},
{
"name": "CVE-2022-48823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48823"
},
{
"name": "CVE-2022-48825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48825"
},
{
"name": "CVE-2022-48830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48830"
},
{
"name": "CVE-2022-48831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48831"
},
{
"name": "CVE-2022-48834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48834"
},
{
"name": "CVE-2022-48835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48835"
},
{
"name": "CVE-2022-48836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48836"
},
{
"name": "CVE-2022-48837",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48837"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2022-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48840"
},
{
"name": "CVE-2022-48843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48843"
},
{
"name": "CVE-2022-48850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48850"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48858"
},
{
"name": "CVE-2022-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48861"
},
{
"name": "CVE-2022-48863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48863"
},
{
"name": "CVE-2022-48864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48864"
},
{
"name": "CVE-2022-48866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48866"
},
{
"name": "CVE-2023-52886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52886"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-39491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39491"
},
{
"name": "CVE-2024-40922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40922"
},
{
"name": "CVE-2024-40930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40930"
},
{
"name": "CVE-2024-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40964"
},
{
"name": "CVE-2024-40992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40992"
},
{
"name": "CVE-2024-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41003"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2022-48865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48865"
},
{
"name": "CVE-2022-48875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48875"
},
{
"name": "CVE-2022-48883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48883"
},
{
"name": "CVE-2022-48886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48886"
},
{
"name": "CVE-2022-48889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48889"
},
{
"name": "CVE-2022-48890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
},
{
"name": "CVE-2022-48896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48896"
},
{
"name": "CVE-2022-48899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48899"
},
{
"name": "CVE-2022-48912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48912"
},
{
"name": "CVE-2022-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48913"
},
{
"name": "CVE-2022-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48914"
},
{
"name": "CVE-2022-48915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48915"
},
{
"name": "CVE-2022-48921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
},
{
"name": "CVE-2022-48929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48929"
},
{
"name": "CVE-2022-48931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48931"
},
{
"name": "CVE-2022-48934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48934"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48939",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48939"
},
{
"name": "CVE-2022-48942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48942"
},
{
"name": "CVE-2023-52859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52859"
},
{
"name": "CVE-2023-52898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
},
{
"name": "CVE-2023-52901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52901"
},
{
"name": "CVE-2023-52905",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52905"
},
{
"name": "CVE-2023-52906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52906"
},
{
"name": "CVE-2023-52908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52908"
},
{
"name": "CVE-2023-52909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52909"
},
{
"name": "CVE-2023-52910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52910"
},
{
"name": "CVE-2024-26637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26637"
},
{
"name": "CVE-2024-26682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26682"
},
{
"name": "CVE-2024-26683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26683"
},
{
"name": "CVE-2024-36970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36970"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"name": "CVE-2024-42125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42125"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42139"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43816"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43874"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2022-48944",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48944"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-26721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54121"
},
{
"name": "CVE-2012-2114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2114"
},
{
"name": "CVE-2021-46937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46937"
},
{
"name": "CVE-2021-46999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46999"
},
{
"name": "CVE-2021-47033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47033"
},
{
"name": "CVE-2021-47079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47079"
},
{
"name": "CVE-2021-47092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47092"
},
{
"name": "CVE-2021-47226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47226"
},
{
"name": "CVE-2021-47251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47251"
},
{
"name": "CVE-2021-47266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47266"
},
{
"name": "CVE-2021-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47318"
},
{
"name": "CVE-2021-47325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47325"
},
{
"name": "CVE-2021-47346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47346"
},
{
"name": "CVE-2021-47349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47349"
},
{
"name": "CVE-2021-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47519"
},
{
"name": "CVE-2021-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47561"
},
{
"name": "CVE-2021-47613",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47613"
},
{
"name": "CVE-2022-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1247"
},
{
"name": "CVE-2022-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20153"
},
{
"name": "CVE-2022-48641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48641"
},
{
"name": "CVE-2022-48643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48643"
},
{
"name": "CVE-2022-48707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48707"
},
{
"name": "CVE-2022-48719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48719"
},
{
"name": "CVE-2022-48781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48781"
},
{
"name": "CVE-2022-48819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48819"
},
{
"name": "CVE-2022-48832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48832"
},
{
"name": "CVE-2022-48848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48848"
},
{
"name": "CVE-2022-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48876"
},
{
"name": "CVE-2022-48963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48963"
},
{
"name": "CVE-2022-48974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48974"
},
{
"name": "CVE-2022-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48976"
},
{
"name": "CVE-2022-48984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48984"
},
{
"name": "CVE-2022-48986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48986"
},
{
"name": "CVE-2022-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49013"
},
{
"name": "CVE-2022-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49018"
},
{
"name": "CVE-2022-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49048"
},
{
"name": "CVE-2022-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49049"
},
{
"name": "CVE-2022-49052",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49052"
},
{
"name": "CVE-2022-49072",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49072"
},
{
"name": "CVE-2022-49077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49077"
},
{
"name": "CVE-2022-49094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49094"
},
{
"name": "CVE-2022-49152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49152"
},
{
"name": "CVE-2022-49198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49198"
},
{
"name": "CVE-2022-49229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49229"
},
{
"name": "CVE-2022-49231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49231"
},
{
"name": "CVE-2022-49334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49334"
},
{
"name": "CVE-2022-49340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49340"
},
{
"name": "CVE-2022-49374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49374"
},
{
"name": "CVE-2022-49401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49401"
},
{
"name": "CVE-2022-49403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49403"
},
{
"name": "CVE-2022-49450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49450"
},
{
"name": "CVE-2022-49554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49554"
},
{
"name": "CVE-2022-49557",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49557"
},
{
"name": "CVE-2022-49567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49567"
},
{
"name": "CVE-2022-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49571"
},
{
"name": "CVE-2022-49572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49572"
},
{
"name": "CVE-2022-49573",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49573"
},
{
"name": "CVE-2022-49574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49574"
},
{
"name": "CVE-2022-49575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49575"
},
{
"name": "CVE-2022-49577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49577"
},
{
"name": "CVE-2022-49580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49580"
},
{
"name": "CVE-2022-49585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49585"
},
{
"name": "CVE-2022-49586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49586"
},
{
"name": "CVE-2022-49587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49587"
},
{
"name": "CVE-2022-49593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49593"
},
{
"name": "CVE-2022-49594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49594"
},
{
"name": "CVE-2022-49595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49595"
},
{
"name": "CVE-2022-49596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49596"
},
{
"name": "CVE-2022-49597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49597"
},
{
"name": "CVE-2022-49598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49598"
},
{
"name": "CVE-2022-49599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49599"
},
{
"name": "CVE-2022-49600",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49600"
},
{
"name": "CVE-2022-49601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49601"
},
{
"name": "CVE-2022-49602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49602"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2022-49612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49612"
},
{
"name": "CVE-2022-49629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49629"
},
{
"name": "CVE-2022-49633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49633"
},
{
"name": "CVE-2022-49637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49637"
},
{
"name": "CVE-2022-49639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49639"
},
{
"name": "CVE-2022-49659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49659"
},
{
"name": "CVE-2022-49662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49662"
},
{
"name": "CVE-2022-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49691"
},
{
"name": "CVE-2022-49744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49744"
},
{
"name": "CVE-2022-49747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49747"
},
{
"name": "CVE-2022-49752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49752"
},
{
"name": "CVE-2022-49754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49754"
},
{
"name": "CVE-2022-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49760"
},
{
"name": "CVE-2023-31082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31082"
},
{
"name": "CVE-2023-52516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52516"
},
{
"name": "CVE-2023-52568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52568"
},
{
"name": "CVE-2023-52570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52570"
},
{
"name": "CVE-2023-52689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52689"
},
{
"name": "CVE-2023-52704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52704"
},
{
"name": "CVE-2023-52706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52706"
},
{
"name": "CVE-2023-52828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52828"
},
{
"name": "CVE-2023-52902",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52902"
},
{
"name": "CVE-2023-52932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52932"
},
{
"name": "CVE-2023-52934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52934"
},
{
"name": "CVE-2023-52940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52940"
},
{
"name": "CVE-2023-52942",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52942"
},
{
"name": "CVE-2023-52977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52977"
},
{
"name": "CVE-2023-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52985"
},
{
"name": "CVE-2023-52987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52987"
},
{
"name": "CVE-2023-52991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52991"
},
{
"name": "CVE-2023-53004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53004"
},
{
"name": "CVE-2023-53017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53017"
},
{
"name": "CVE-2024-23196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23196"
},
{
"name": "CVE-2024-26678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26678"
},
{
"name": "CVE-2024-26725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26725"
},
{
"name": "CVE-2024-26746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26746"
},
{
"name": "CVE-2024-26918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26918"
},
{
"name": "CVE-2024-27023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27023"
},
{
"name": "CVE-2024-40907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40907"
},
{
"name": "CVE-2024-43896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43896"
},
{
"name": "CVE-2024-46748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46748"
},
{
"name": "CVE-2024-46862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46862"
},
{
"name": "CVE-2024-53073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53073"
},
{
"name": "CVE-2024-53225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53225"
},
{
"name": "CVE-2024-56668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56668"
},
{
"name": "CVE-2024-57852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57852"
},
{
"name": "CVE-2024-57914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57914"
},
{
"name": "CVE-2024-57985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57985"
},
{
"name": "CVE-2024-57989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57989"
},
{
"name": "CVE-2024-58064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58064"
},
{
"name": "CVE-2024-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58075"
},
{
"name": "CVE-2024-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58084"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2025-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21807"
},
{
"name": "CVE-2025-21817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21817"
},
{
"name": "CVE-2025-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21827"
},
{
"name": "CVE-2025-21851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21851"
},
{
"name": "CVE-2025-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21874"
},
{
"name": "CVE-2025-21907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21907"
},
{
"name": "CVE-2025-21921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21921"
},
{
"name": "CVE-2025-24357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24357"
},
{
"name": "CVE-2025-25183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25183"
},
{
"name": "CVE-2025-29770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29770"
},
{
"name": "CVE-2025-30165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30165"
},
{
"name": "CVE-2025-30202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30202"
},
{
"name": "CVE-2025-32381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32381"
},
{
"name": "CVE-2025-32444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32444"
},
{
"name": "CVE-2025-46570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46570"
},
{
"name": "CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"name": "CVE-2025-48887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48887"
},
{
"name": "CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"name": "CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2022-48879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48879"
},
{
"name": "CVE-2022-48946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48946"
},
{
"name": "CVE-2022-48951",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48951"
},
{
"name": "CVE-2022-48953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48953"
},
{
"name": "CVE-2022-48969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48969"
},
{
"name": "CVE-2022-48971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48971"
},
{
"name": "CVE-2022-48972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48972"
},
{
"name": "CVE-2022-48978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48978"
},
{
"name": "CVE-2022-48981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48981"
},
{
"name": "CVE-2022-48985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48985"
},
{
"name": "CVE-2022-48987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48987"
},
{
"name": "CVE-2022-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48988"
},
{
"name": "CVE-2022-48992",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48992"
},
{
"name": "CVE-2022-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48994"
},
{
"name": "CVE-2022-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48997"
},
{
"name": "CVE-2022-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49005"
},
{
"name": "CVE-2022-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49006"
},
{
"name": "CVE-2022-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49011"
},
{
"name": "CVE-2022-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49012"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2022-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49015"
},
{
"name": "CVE-2022-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49017"
},
{
"name": "CVE-2022-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49021"
},
{
"name": "CVE-2022-49022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49022"
},
{
"name": "CVE-2022-49024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49024"
},
{
"name": "CVE-2022-49027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49027"
},
{
"name": "CVE-2022-49028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49028"
},
{
"name": "CVE-2022-49029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49029"
},
{
"name": "CVE-2024-44932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44932"
},
{
"name": "CVE-2024-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44964"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47675"
},
{
"name": "CVE-2024-47682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47682"
},
{
"name": "CVE-2024-47687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47687"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47702"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47719"
},
{
"name": "CVE-2024-47727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47727"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-49862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49862"
},
{
"name": "CVE-2024-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49864"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49870"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49953"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50020"
},
{
"name": "CVE-2024-50021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50021"
},
{
"name": "CVE-2024-50022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50022"
},
{
"name": "CVE-2024-50023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50023"
},
{
"name": "CVE-2024-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50027"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50042"
},
{
"name": "CVE-2024-50060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50060"
},
{
"name": "CVE-2024-50064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50064"
},
{
"name": "CVE-2024-50074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
},
{
"name": "CVE-2024-50075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50075"
},
{
"name": "CVE-2024-50076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50076"
},
{
"name": "CVE-2024-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50077"
},
{
"name": "CVE-2024-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50078"
},
{
"name": "CVE-2024-50081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50081"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50226"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-44994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44994"
},
{
"name": "CVE-2024-50110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50110"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2022-48982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48982"
},
{
"name": "CVE-2022-48983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48983"
},
{
"name": "CVE-2022-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48989"
},
{
"name": "CVE-2023-52778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52778"
},
{
"name": "CVE-2024-49976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49976"
},
{
"name": "CVE-2024-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50101"
},
{
"name": "CVE-2024-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50102"
},
{
"name": "CVE-2024-50121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50121"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-50128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50128"
},
{
"name": "CVE-2024-50136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50136"
},
{
"name": "CVE-2024-50139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50139"
},
{
"name": "CVE-2024-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50141"
},
{
"name": "CVE-2024-50145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50145"
},
{
"name": "CVE-2024-50146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50146"
},
{
"name": "CVE-2024-50147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50147"
},
{
"name": "CVE-2024-50153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50153"
},
{
"name": "CVE-2024-50155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50155"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2024-50158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50158"
},
{
"name": "CVE-2024-50160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50160"
},
{
"name": "CVE-2024-50169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50169"
},
{
"name": "CVE-2024-50172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50172"
},
{
"name": "CVE-2024-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50182"
},
{
"name": "CVE-2024-50200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50200"
},
{
"name": "CVE-2024-50216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50216"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53045"
},
{
"name": "CVE-2024-53048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53048"
},
{
"name": "CVE-2024-53074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53074"
},
{
"name": "CVE-2024-53085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53085"
},
{
"name": "CVE-2024-53110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53110"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-53120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53120"
},
{
"name": "CVE-2024-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53123"
},
{
"name": "CVE-2024-53136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53136"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-53105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53105"
},
{
"name": "CVE-2024-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53117"
},
{
"name": "CVE-2024-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53118"
},
{
"name": "CVE-2024-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53134"
},
{
"name": "CVE-2024-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53151"
},
{
"name": "CVE-2024-53160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53160"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-53169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53169"
},
{
"name": "CVE-2024-53202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53202"
},
{
"name": "CVE-2024-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53206"
},
{
"name": "CVE-2024-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53207"
},
{
"name": "CVE-2024-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53208"
},
{
"name": "CVE-2024-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53213"
},
{
"name": "CVE-2024-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53215"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2024-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53229"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-56667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56667"
},
{
"name": "CVE-2024-56752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56752"
},
{
"name": "CVE-2024-48873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48873"
},
{
"name": "CVE-2024-49951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49951"
},
{
"name": "CVE-2024-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53091"
},
{
"name": "CVE-2024-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53170"
},
{
"name": "CVE-2024-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53175"
},
{
"name": "CVE-2024-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53185"
},
{
"name": "CVE-2024-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53230"
},
{
"name": "CVE-2024-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53231"
},
{
"name": "CVE-2024-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53232"
},
{
"name": "CVE-2024-53236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53236"
},
{
"name": "CVE-2024-55881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55881"
},
{
"name": "CVE-2024-56372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56372"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53238"
},
{
"name": "CVE-2024-56617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56617"
},
{
"name": "CVE-2024-56625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56625"
},
{
"name": "CVE-2024-56632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56632"
},
{
"name": "CVE-2024-56654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56654"
},
{
"name": "CVE-2024-56663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56663"
},
{
"name": "CVE-2024-56675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56675"
},
{
"name": "CVE-2024-56708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56708"
},
{
"name": "CVE-2024-56709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56709"
},
{
"name": "CVE-2024-56729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56729"
},
{
"name": "CVE-2024-56745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56745"
},
{
"name": "CVE-2024-56760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56760"
},
{
"name": "CVE-2024-56765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56765"
},
{
"name": "CVE-2024-57793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57793"
},
{
"name": "CVE-2024-57804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57804"
},
{
"name": "CVE-2024-57932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57932"
},
{
"name": "CVE-2024-57933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57933"
},
{
"name": "CVE-2024-57936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57936"
},
{
"name": "CVE-2025-21645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21645"
},
{
"name": "CVE-2025-21649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21649"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-56679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56679"
},
{
"name": "CVE-2024-56707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56707"
},
{
"name": "CVE-2024-56725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56725"
},
{
"name": "CVE-2024-56726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56726"
},
{
"name": "CVE-2024-56727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56727"
},
{
"name": "CVE-2024-57882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57882"
},
{
"name": "CVE-2024-57917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57917"
},
{
"name": "CVE-2025-21663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21663"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2024-50164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50164"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2021-47222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47222"
},
{
"name": "CVE-2021-47223",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47223"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-47700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47700"
},
{
"name": "CVE-2024-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49880"
},
{
"name": "CVE-2024-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49885"
},
{
"name": "CVE-2024-49999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49999"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50107"
},
{
"name": "CVE-2024-50109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50109"
},
{
"name": "CVE-2024-50114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50114"
},
{
"name": "CVE-2024-50120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50120"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50165"
},
{
"name": "CVE-2024-50197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50197"
},
{
"name": "CVE-2024-50207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50207"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50303"
},
{
"name": "CVE-2024-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53044"
},
{
"name": "CVE-2024-53109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53109"
},
{
"name": "CVE-2024-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53167"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53189"
},
{
"name": "CVE-2024-56535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56535"
},
{
"name": "CVE-2024-56545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56545"
},
{
"name": "CVE-2024-56696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56696"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-56783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56783"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2024-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48876"
},
{
"name": "CVE-2024-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53681"
},
{
"name": "CVE-2024-54460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54460"
},
{
"name": "CVE-2024-55642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55642"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2024-56624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56624"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56653",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56653"
},
{
"name": "CVE-2024-56657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56657"
},
{
"name": "CVE-2024-56669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56669"
},
{
"name": "CVE-2024-56710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56710"
},
{
"name": "CVE-2024-56714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56714"
},
{
"name": "CVE-2024-56772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56772"
},
{
"name": "CVE-2024-56773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56773"
},
{
"name": "CVE-2024-57878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57878"
},
{
"name": "CVE-2024-57879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57879"
},
{
"name": "CVE-2024-57885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57885"
},
{
"name": "CVE-2025-21644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21644"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2022-49220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49220"
},
{
"name": "CVE-2022-49372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49372"
},
{
"name": "CVE-2022-49578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49578"
},
{
"name": "CVE-2022-49589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49589"
},
{
"name": "CVE-2022-49620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49620"
},
{
"name": "CVE-2023-52997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52997"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58074"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2024-57987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57987"
},
{
"name": "CVE-2024-57988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57988"
},
{
"name": "CVE-2024-57995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57995"
},
{
"name": "CVE-2024-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58015"
},
{
"name": "CVE-2024-58062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58062"
},
{
"name": "CVE-2025-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21713"
},
{
"name": "CVE-2025-21770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21770"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2021-47316",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
}
],
"initial_release_date": "2025-12-02T00:00:00",
"last_revision_date": "2025-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1057",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36560",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36560"
},
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36564",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36564"
}
]
}
CERTFR-2026-AVI-0199
Vulnerability from certfr_avis - Published: 2026-02-24 - Updated: 2026-02-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Telco Cloud Platform | Telco Cloud Platform versions 4.x et 5.x sans le correctif de sécurité KB428241 | ||
| VMware | Tanzu Data Services | Tanzu Data Flow versions antérieures à 2.0.2 sur Tanzu Platform | ||
| VMware | Azure Spring Enterprise | Harbor Registry versions antérieures à 2.14.2 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour MySQL versions 2.0.0 sur Kubernetes | ||
| VMware | Cloud Foundation | Cloud Foundation versions 9.x antérieures à 9.0.2.0 | ||
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à2.3.3 | ||
| VMware | Tanzu Data Intelligence | Tanzu GemFire versions antérieures à 2.6.1 sur Kubernetes | ||
| VMware | Tanzu Kubernetes Runtime | CredHub Secrets Management pour Tanzu Platform versions antérieures à 1.6.8 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Valkey version 3.3.1 sur Kubernetes | ||
| VMware | Tanzu Operations Manager | Foundation Core pour Tanzu Platform versions antérieures à 3.2.4 | ||
| VMware | Aria Operations | Aria Operations versions 8.x antérieures à 8.18.6 | ||
| VMware | Tanzu Kubernetes Runtime | cf-mgmt pour Tanzu Platform versions antérieures à 1.0.108 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Valkey version 9.0.1 | ||
| VMware | Tanzu Kubernetes Runtime | Extended App Support pour Tanzu Platform versions antérieures à 1.0.15 | ||
| VMware | Tanzu Data Intelligence | Tanzu GemFire Management versions antérieures à 1.4.3 | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.77 | ||
| VMware | Tanzu Kubernetes Runtime | Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.5 | ||
| VMware | Cloud Foundation | Cloud Foundation versions 4.x et 5.x sans le correctif de sécurité KB92148 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour Tanzu Platform versions antérieures à 10.3.4 | ||
| VMware | Tanzu Kubernetes Runtime | Java Buildpack versions antérieures à 4.89.0 | ||
| VMware | Telco Cloud Infrastructure | Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB428241 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Telco Cloud Platform versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB428241",
"product": {
"name": "Telco Cloud Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Flow versions ant\u00e9rieures \u00e0 2.0.2 sur Tanzu Platform",
"product": {
"name": "Tanzu Data Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Harbor Registry versions ant\u00e9rieures \u00e0 2.14.2",
"product": {
"name": "Azure Spring Enterprise",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour MySQL versions 2.0.0 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.2.0",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Metrics versions ant\u00e9rieures \u00e02.3.3",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 2.6.1 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.8",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Valkey version 3.3.1 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.4",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Aria Operations",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "cf-mgmt pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.108",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Valkey version 9.0.1",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.15",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire Management versions ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.77",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB92148",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.89.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9 KB428241",
"product": {
"name": "Telco Cloud Infrastructure",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-47219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2021-42384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42384"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2017-16544",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16544"
},
{
"name": "CVE-2025-39987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
},
{
"name": "CVE-2021-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42378"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2022-24450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-42382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42382"
},
{
"name": "CVE-2020-10750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10750"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-40055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
},
{
"name": "CVE-2021-42376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42376"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2026-22801",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
},
{
"name": "CVE-2025-39876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
},
{
"name": "CVE-2025-40029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
},
{
"name": "CVE-2025-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-40048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2025-40043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2021-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41091"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2026-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
},
{
"name": "CVE-2025-59775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59775"
},
{
"name": "CVE-2026-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
},
{
"name": "CVE-2025-39973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2018-1000517",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000517"
},
{
"name": "CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"name": "CVE-2025-39943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39943"
},
{
"name": "CVE-2025-39945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
},
{
"name": "CVE-2025-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-40081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2025-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2025-40121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
},
{
"name": "CVE-2026-1642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2025-55753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55753"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-40204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
},
{
"name": "CVE-2025-40171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
},
{
"name": "CVE-2021-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2025-39911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10543"
},
{
"name": "CVE-2025-40125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40125"
},
{
"name": "CVE-2025-40349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2019-5481",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
},
{
"name": "CVE-2025-26646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26646"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-29222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29222"
},
{
"name": "CVE-2025-40187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2025-39913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-40092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40092"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2025-39967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
},
{
"name": "CVE-2025-40115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2021-42386",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42386"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2025-39949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-29190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29190"
},
{
"name": "CVE-2025-40173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2024-56538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56538"
},
{
"name": "CVE-2025-39923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2018-20679",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20679"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-39953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39953"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2025-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-39969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2017-15873",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15873"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2025-40194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
},
{
"name": "CVE-2025-40245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2025-40001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
},
{
"name": "CVE-2026-1485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2025-40035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-39988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
},
{
"name": "CVE-2026-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22719"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-39399",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39399"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-38584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
},
{
"name": "CVE-2021-42374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42374"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2025-40020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2025-40188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2023-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22041"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-66200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66200"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2023-34231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
},
{
"name": "CVE-2026-0988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0988"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-65637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2026-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
},
{
"name": "CVE-2023-47090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47090"
},
{
"name": "CVE-2025-40049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2025-40070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
},
{
"name": "CVE-2022-29946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29946"
},
{
"name": "CVE-2025-40106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2025-40205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2021-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-39885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-30215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30215"
},
{
"name": "CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2026-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-39970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2025-39994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-40088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22036"
},
{
"name": "CVE-2025-13151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2022-28391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28391"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2025-40109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
},
{
"name": "CVE-2025-40006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2022-26652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26652"
},
{
"name": "CVE-2025-40011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
},
{
"name": "CVE-2023-42365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42365"
},
{
"name": "CVE-2025-40231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2021-42379",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42379"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2025-65082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65082"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2026-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2025-40183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
},
{
"name": "CVE-2021-42381",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42381"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2025-39998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2025-40134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
},
{
"name": "CVE-2017-15874",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15874"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2026-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
},
{
"name": "CVE-2025-39968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-39986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-58098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58098"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2025-40078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-40116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
},
{
"name": "CVE-2025-68249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
},
{
"name": "CVE-2026-0990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
},
{
"name": "CVE-2025-39934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2025-40179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
},
{
"name": "CVE-2025-40127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-39996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2026-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22721"
},
{
"name": "CVE-2025-40053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
},
{
"name": "CVE-2026-24515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
},
{
"name": "CVE-2025-39951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39951"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-40120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2022-48174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48174"
},
{
"name": "CVE-2025-61594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
},
{
"name": "CVE-2023-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-40243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2021-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41089"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2026-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2023-42364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42364"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-40118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2025-40021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2019-5747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5747"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-40105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
},
{
"name": "CVE-2018-1000500",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2026-26014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26014"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2025-40112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40112"
},
{
"name": "CVE-2024-27289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2025-39971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2026-23949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
},
{
"name": "CVE-2021-42385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42385"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2026-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
},
{
"name": "CVE-2025-15281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2025-40126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40126"
},
{
"name": "CVE-2025-39972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2021-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-40200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2025-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2025-40124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40124"
},
{
"name": "CVE-2025-39880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-40094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40094"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2026-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21941"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-40111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-40068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40068"
},
{
"name": "CVE-2025-40042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2026-22695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
},
{
"name": "CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"name": "CVE-2026-24733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
},
{
"name": "CVE-2026-0992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2026-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
},
{
"name": "CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2019-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-39937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-40060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
},
{
"name": "CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"name": "CVE-2019-5443",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2020-1967",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-60876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60876"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-11065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11065"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2026-1484",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-40178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-39869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-39985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-59464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
},
{
"name": "CVE-2023-22006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22006"
},
{
"name": "CVE-2019-5435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2026-1489",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-23648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2026-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22720"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-42363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42363"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-39980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2025-40346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-40030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
},
{
"name": "CVE-2025-40244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
},
{
"name": "CVE-2025-39995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
},
{
"name": "CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-22873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2025-39907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2025-40140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2025-40223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2024-53114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53114"
},
{
"name": "CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"name": "CVE-2026-22703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22703"
},
{
"name": "CVE-2026-0989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2025-39873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-29189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29189"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-40351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
},
{
"name": "CVE-2025-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
},
{
"name": "CVE-2026-25646",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
}
],
"initial_release_date": "2026-02-24T00:00:00",
"last_revision_date": "2026-02-24T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0199",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37012",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37012"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37001",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37001"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37013",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37013"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37003",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37003"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37023",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37023"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37017",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37017"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37006",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37006"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37024",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37024"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36997",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36997"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37004",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37004"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36947",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37018",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37018"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37005",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37005"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37008",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37008"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37007",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37007"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37020",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37020"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36998",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36998"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37002",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37002"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37021",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37021"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37022",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37022"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37016",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37016"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37019",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37019"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37010",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37010"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37009",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37009"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37000",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37000"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37011",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37011"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37015",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37015"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37014",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37014"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36999",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36999"
}
]
}
CISCO-SA-OPENSSL-W9SDCC2A
Vulnerability from csaf_cisco - Published: 2022-10-28 16:00 - Updated: 2022-11-23 20:23Summary
Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
Notes
Summary: On November 1, 2022, the OpenSSL Project announced the following vulnerabilities:
CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow
CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow
For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022] ["https://www.openssl.org/news/secadv/20221101.txt"].
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"]
Affected Products: Cisco investigated its product line to determine which products and cloud services may be affected by these vulnerabilities. OpenSSL 3.x is not widely used in Cisco products and cloud offers, and only products that may contain the affected software are listed in this advisory. If a product or cloud offer is not explicitly listed in this advisory, it is not vulnerable.
Vulnerable Products: The following table lists Cisco products that are affected by one or more of the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.
Product Cisco Bug ID Fixed Release Availability ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] Endpoint Clients and Client Software Operational Insights Collector CSCwd44110 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44110"] ScienceLogic Application Software 3.0.1 (Nov 2022)
HPNA Application Software 2.0.1 (Nov 2022)
APIC Application Software 3.0.1 (Nov 2022)
SolarWinds Application Software 3.0.1 (Nov 2022)
Syslog Collector 2.0.1 (Nov 2022) Network Management and Provisioning IoT Field Network Director, formerly Connected Grid Network Management System CSCwd44112 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44112"] 4.8.1 (Available)
4.9.0 (Available)
5.0.0 (May 2023)
Products Confirmed Not Vulnerable: Only products that may contain the affected software are listed in this advisory. If a product or cloud offer is not explicitly listed in this advisory, it is not vulnerable.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
Network and Content Security Devices
Identity Services Engine (ISE)
Secure Network Analytics, formerly Stealthwatch
Network Management and Provisioning
Application Policy Infrastructure Controller (APIC)
Cisco Container Platform
Data Center Network Manager (DCNM)
Elastic Services Controller (ESC)
Evolved Programmable Network Manager
Nexus Dashboard, formerly Application Services Engine
Prime Infrastructure
Routing and Switching - Enterprise and Service Provider
SD-WAN vAnalytics
SD-WAN vManage
Ultra Cloud Core - Network Respository Function
Ultra Cloud Core - Policy Control Function
Ultra Cloud Core - Redundancy Configuration Manager
Ultra Cloud Core - Subscriber Microservices Infrastructure
Ultra Cloud Core - User Plane Function
Unified Computing
HyperFlex System
UCS Blade Server - Integrated Management Controller
UCS Manager
Cisco Cloud Offerings
Cisco investigated its cloud offers to determine which products may be affected by these vulnerabilities. The following table lists Cisco cloud offers that are under investigation. Only cloud offers known to possibly be affected are listed. If a cloud offer is not explicitly listed in this advisory, it is not vulnerable.
Product Disposition AppDynamics Not affected CX Cloud Not affected Duo Not affected Intersight Not affected Meraki Not affected SD-WAN Not affected SecureX Not affected ThousandEyes Not affected Umbrella Not affected Unified Communications Manager Cloud Not affected Webex Calling Not affected Webex Cloud-Connected UC Not affected Webex Contact Center Not affected Webex Teams Not affected
Workarounds: Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products ["#vp"] section of this advisory.
Fixed Software: For information about fixed software releases ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], consult the Cisco bugs identified in the Vulnerable Products ["#vp"] section of this advisory.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories ["https://www.cisco.com/go/psirt"] page, to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements: The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerabilities that are described in this advisory.
Source: These vulnerabilities were publicly disclosed by the OpenSSL Software Foundation on November 1, 2022.
Legal Disclaimer: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
None Available
No remediation is available at this time.
None Available
No remediation is available at this time.
References
11 references
| URL | Category |
|---|---|
| https://sec.cloudapps.cisco.com/security/center/c… | self |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://www.openssl.org/news/secadv/20221101.txt | external |
| https://sec.cloudapps.cisco.com/security/center/c… | external |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://www.cisco.com/go/psirt | external |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
Acknowledgments
{
"document": {
"acknowledgments": [
{
"summary": "These vulnerabilities were publicly disclosed by the OpenSSL Software Foundation on November 1, 2022."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "On November 1, 2022, the OpenSSL Project announced the following vulnerabilities:\r\n\r\nCVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow\r\nCVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow\r\n\r\nFor a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022] [\"https://www.openssl.org/news/secadv/20221101.txt\"].\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a\"]",
"title": "Summary"
},
{
"category": "general",
"text": "Cisco investigated its product line to determine which products and cloud services may be affected by these vulnerabilities. OpenSSL 3.x is not widely used in Cisco products and cloud offers, and only products that may contain the affected software are listed in this advisory. If a product or cloud offer is not explicitly listed in this advisory, it is not vulnerable.",
"title": "Affected Products"
},
{
"category": "general",
"text": "The following table lists Cisco products that are affected by one or more of the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.\r\n Product Cisco Bug ID Fixed Release Availability [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] Endpoint Clients and Client Software Operational Insights Collector CSCwd44110 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44110\"] ScienceLogic Application Software 3.0.1 (Nov 2022)\r\nHPNA Application Software 2.0.1 (Nov 2022)\r\nAPIC Application Software 3.0.1 (Nov 2022)\r\nSolarWinds Application Software 3.0.1 (Nov 2022)\r\nSyslog Collector 2.0.1 (Nov 2022) Network Management and Provisioning IoT Field Network Director, formerly Connected Grid Network Management System CSCwd44112 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44112\"] 4.8.1 (Available)\r\n4.9.0 (Available)\r\n5.0.0 (May 2023)",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products that may contain the affected software are listed in this advisory. If a product or cloud offer is not explicitly listed in this advisory, it is not vulnerable.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nNetwork and Content Security Devices\r\n\r\nIdentity Services Engine (ISE)\r\nSecure Network Analytics, formerly Stealthwatch\r\n\r\nNetwork Management and Provisioning\r\n\r\nApplication Policy Infrastructure Controller (APIC)\r\nCisco Container Platform\r\nData Center Network Manager (DCNM)\r\nElastic Services Controller (ESC)\r\nEvolved Programmable Network Manager\r\nNexus Dashboard, formerly Application Services Engine\r\nPrime Infrastructure\r\n\r\nRouting and Switching - Enterprise and Service Provider\r\n\r\nSD-WAN vAnalytics\r\nSD-WAN vManage\r\nUltra Cloud Core - Network Respository Function\r\nUltra Cloud Core - Policy Control Function\r\nUltra Cloud Core - Redundancy Configuration Manager\r\nUltra Cloud Core - Subscriber Microservices Infrastructure\r\nUltra Cloud Core - User Plane Function\r\n\r\nUnified Computing\r\n\r\nHyperFlex System\r\nUCS Blade Server - Integrated Management Controller\r\nUCS Manager\r\n Cisco Cloud Offerings\r\n\r\nCisco investigated its cloud offers to determine which products may be affected by these vulnerabilities. The following table lists Cisco cloud offers that are under investigation. Only cloud offers known to possibly be affected are listed. If a cloud offer is not explicitly listed in this advisory, it is not vulnerable.\r\n\r\n Product Disposition AppDynamics Not affected CX Cloud Not affected Duo Not affected Intersight Not affected Meraki Not affected SD-WAN Not affected SecureX Not affected ThousandEyes Not affected Umbrella Not affected Unified Communications Manager Cloud Not affected Webex Calling Not affected Webex Cloud-Connected UC Not affected Webex Contact Center Not affected Webex Teams Not affected",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products [\"#vp\"] section of this advisory.",
"title": "Workarounds"
},
{
"category": "general",
"text": "For information about fixed software releases [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], consult the Cisco bugs identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories [\"https://www.cisco.com/go/psirt\"] page, to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerabilities that are described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "These vulnerabilities were publicly disclosed by the OpenSSL Software Foundation on November 1, 2022.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.",
"issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory [Nov 1 2022]",
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"category": "external",
"summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"
},
{
"category": "external",
"summary": "Fixed Release Availability",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "CSCwd44110",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44110"
},
{
"category": "external",
"summary": "CSCwd44112",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd44112"
},
{
"category": "external",
"summary": "fixed software releases",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "Cisco\u0026nbsp;Security Advisories",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
}
],
"title": "Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022",
"tracking": {
"current_release_date": "2022-11-23T20:23:17+00:00",
"generator": {
"date": "2022-11-23T20:23:22+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-openssl-W9sdCc2a",
"initial_release_date": "2022-10-28T16:00:00+00:00",
"revision_history": [
{
"date": "2022-10-28T21:40:41+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2022-11-01T20:23:02+00:00",
"number": "1.1.0",
"summary": "Update with OpenSSL public announcement."
},
{
"date": "2022-11-02T19:26:36+00:00",
"number": "1.2.0",
"summary": "Update products under investigation and products confirmed not vulnerable."
},
{
"date": "2022-11-03T20:12:42+00:00",
"number": "1.3.0",
"summary": "Update products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2022-11-04T18:40:16+00:00",
"number": "1.4.0",
"summary": "Update affected products and disposition of cloud offers."
},
{
"date": "2022-11-08T20:57:38+00:00",
"number": "1.5.0",
"summary": "Update summary, affected products, and disposition of cloud offers."
},
{
"date": "2022-11-23T20:23:17+00:00",
"number": "1.6.0",
"summary": "Updated vulnerable products and products confirmed not vulnerable."
}
],
"status": "final",
"version": "1.6.0"
}
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"notes": [
{
"category": "general",
"text": "No additional information for this vulneraiblity is currently avaialbe.",
"title": "No Notes"
}
],
"remediations": [
{
"category": "none_available",
"details": "No remediation is available at this time."
}
],
"title": "X.509 Email Address 4-byte Buffer Overflow, Other Vulnerability"
},
{
"cve": "CVE-2022-3786",
"notes": [
{
"category": "general",
"text": "No additional information for this vulneraiblity is currently avaialbe.",
"title": "No Notes"
}
],
"remediations": [
{
"category": "none_available",
"details": "No remediation is available at this time."
}
],
"title": "X.509 Email Address Variable Length Buffer Overflow, Other Vulnerability"
}
]
}
FKIE_CVE-2022-3786
Vulnerability from fkie_nvd - Published: 2022-11-01 18:15 - Updated: 2026-04-14 10:16
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
References
| URL | Tags | ||
|---|---|---|---|
| openssl-security@openssl.org | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a | Patch, Vendor Advisory | |
| openssl-security@openssl.org | https://www.openssl.org/news/secadv/20221101.txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/794340 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssl.org/news/secadv/20221101.txt | Vendor Advisory | |
| 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | https://cert-portal.siemens.com/productcert/html/ssa-408105.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1F59CA-02F2-4374-A129-18713496B58B",
"versionEndExcluding": "3.0.7",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "CAC42CA8-8B01-4A19-A83C-A7D4D08E5E43",
"versionEndExcluding": "18.11.0",
"versionStartIncluding": "18.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:18.12.0:*:*:*:lts:*:*:*",
"matchCriteriaId": "7B1F87EE-4E30-4832-BF01-8501E94380EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:19.0.0:*:*:*:-:*:*:*",
"matchCriteriaId": "F568BBC5-0D8E-499C-9F3E-DDCE5F10F9D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n"
},
{
"lang": "es",
"value": "Puede activarse una saturaci\u00f3n del b\u00fafer en la verificaci\u00f3n del certificado X.509, espec\u00edficamente en la verificaci\u00f3n de restricciones del nombre. Tenga en cuenta que esto ocurre despu\u00e9s de la verificaci\u00f3n de la firma de la cadena de certificados y requiere que una CA haya firmado un certificado malicioso o que la aplicaci\u00f3n contin\u00fae con la verificaci\u00f3n del certificado a pesar de no poder construir una ruta hacia un emisor confiable. Un atacante puede crear una direcci\u00f3n de correo electr\u00f3nico maliciosa en un certificado para desbordar una cantidad arbitraria de bytes que contengan el car\u00e1cter \".\" (decimal 46) en la pila de memoria. Este desbordamiento del b\u00fafer podr\u00eda provocar un bloqueo (provocando una denegaci\u00f3n de servicio). En un cliente TLS, esto se puede desencadenar conect\u00e1ndose a un servidor malicioso. En un servidor TLS, esto puede activarse si el servidor solicita la autenticaci\u00f3n del cliente y se conecta un cliente malicioso."
}
],
"id": "CVE-2022-3786",
"lastModified": "2026-04-14T10:16:26.147",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-11-01T18:15:11.047",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/794340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-408105.html"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-H8JM-2X53-XHP5
Vulnerability from github – Published: 2022-11-01 17:45 – Updated: 2022-11-02 21:46
VLAI
Summary
X.509 Email Address Variable Length Buffer Overflow
Details
A buffer overrun can be triggered in X.509 certificate verification,
specifically in name constraint checking. Note that this occurs after
certificate chain signature verification and requires either a CA to
have signed a malicious certificate or for an application to continue
certificate verification despite failure to construct a path to a trusted
issuer. An attacker can craft a malicious email address in a certificate
to overflow an arbitrary number of bytes containing the . character
(decimal 46) on the stack. This buffer overflow could result in a crash
(causing a denial of service).
In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Severity
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "openssl-src"
},
"ranges": [
{
"events": [
{
"introduced": "300.0.0"
},
{
"fixed": "300.0.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-3786"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-01T17:45:21Z",
"nvd_published_at": "2022-11-01T18:15:00Z",
"severity": "HIGH"
},
"details": "A buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs after\ncertificate chain signature verification and requires either a CA to\nhave signed a malicious certificate or for an application to continue\ncertificate verification despite failure to construct a path to a trusted\nissuer. An attacker can craft a malicious email address in a certificate\nto overflow an arbitrary number of bytes containing the `.` character\n(decimal 46) on the stack. This buffer overflow could result in a crash\n(causing a denial of service).\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects.\n",
"id": "GHSA-h8jm-2x53-xhp5",
"modified": "2022-11-02T21:46:40Z",
"published": "2022-11-01T17:45:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3786"
},
{
"type": "WEB",
"url": "https://github.com/rustsec/advisory-db/pull/1452"
},
{
"type": "WEB",
"url": "https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3"
},
{
"type": "WEB",
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/794340"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221102-0001"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202211-01"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2022-0065.html"
},
{
"type": "WEB",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"
},
{
"type": "PACKAGE",
"url": "https://github.com/alexcrichton/openssl-src-rs"
},
{
"type": "WEB",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
},
{
"type": "WEB",
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/15"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/16"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/17"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/18"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/19"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/20"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/21"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/24"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/10"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/11"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/12"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/13"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/14"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/15"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/02/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/10"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/11"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/03/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "X.509 Email Address Variable Length Buffer Overflow"
}
GSD-2022-3786
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-3786",
"id": "GSD-2022-3786",
"references": [
"https://access.redhat.com/errata/RHSA-2022:7288",
"https://access.redhat.com/errata/RHSA-2022:7384",
"https://www.suse.com/security/cve/CVE-2022-3786.html"
]
},
"gsd": {
"database_specific": {
"GSD": {
"affected_component": "X.509 Email Address handling",
"aliases": [
"CVE-2022-3786"
],
"attack_vector": "network",
"credit": "",
"description": "X.509 Email Address Variable Length Buffer Overflow. CVE-2022-3786 was NOT rated as CRITICAL from the outset, because only the length and not the content of the overwrite is attacker controlled. Exposure to remote code execution is not expected on any platforms.",
"impact": "unknown",
"notes": "X.509 Email Address Variable Length Buffer Overflow.",
"product_name": "openssl",
"product_version": "3.0.5",
"references": [
"https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html",
"https://github.com/NCSC-NL/OpenSSL-2022",
"https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-267005-1032.html",
"https://github.com/pblumo/openssl-vuln-nov-2022/",
"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/",
"https://github.com/openssl/openssl/commit/680e65b94c916af259bfdc2e25f1ab6e0c7a97d6",
"https://www.openssl.org/source/openssl-3.0.7.tar.gz",
"https://www.techsolvency.com/story-so-far/cve-tbd-openssl-3.0.7-critical/",
"https://docs.google.com/spreadsheets/d/e/2PACX-1vT7ih8XJ5LHq-30saNCS9S7pJafe37S1b6ZRxWXcnx6HbrHFFTNIk7-gFQ7_NJlET47w0naS8deLtIG/pubhtml",
"https://words.filippo.io/dispatches/openssl-punycode/"
],
"vendor_name": "openssl",
"vulnerability_type": "unknown"
},
"OSV": {
"affected": [
{
"package": {
"ecosystem": "GSD",
"name": "openssl"
},
"versions": [
"3.0.6",
"3.0.5",
"3.0.4",
"3.0.3",
"3.0.2",
"3.0.1",
"3.0.0",
"3.0.0-beta2",
"3.0.0-beta1",
"3.0.0-alpha17",
"3.0.0-alpha16",
"3.0.0-alpha15",
"3.0.0-alpha14",
"3.0.0-alpha13",
"3.0.0-alpha12",
"3.0.0-alpha11",
"3.0.0-alpha10",
"3.0.0-alpha9",
"3.0.0-alpha8",
"3.0.0-alpha7",
"3.0.0-alpha6",
"3.0.0-alpha5",
"3.0.0-alpha4",
"3.0.0-alpha3",
"3.0.0-alpha2",
"3.0.0-alpha1"
]
}
],
"aliases": [
"CVE-2022-3786"
],
"details": "X.509 Email Address Variable Length Buffer Overflow. CVE-2022-3786 was NOT rated as CRITICAL from the outset, because only the length and not the content of the overwrite is attacker controlled. Exposure to remote code execution is not expected on any platforms.",
"id": "CVE-2022-3786",
"modified": "2022-11-02T15:48:10.308Z",
"published": "2022-11-01T16:29:39.763Z",
"references": [
{
"type": "WEB",
"url": "https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html"
},
{
"type": "WEB",
"url": "https://github.com/NCSC-NL/OpenSSL-2022"
},
{
"type": "WEB",
"url": "https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-267005-1032.html"
},
{
"type": "WEB",
"url": "https://github.com/pblumo/openssl-vuln-nov-2022/"
},
{
"type": "ADVISORY",
"url": "https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/"
},
{
"type": "FIX",
"url": "https://github.com/openssl/openssl/commit/680e65b94c916af259bfdc2e25f1ab6e0c7a97d6"
},
{
"type": "FIX",
"url": "https://www.openssl.org/source/openssl-3.0.7.tar.gz"
},
{
"type": "WEB",
"url": "https://www.techsolvency.com/story-so-far/cve-tbd-openssl-3.0.7-critical/"
},
{
"type": "WEB",
"url": "https://docs.google.com/spreadsheets/d/e/2PACX-1vT7ih8XJ5LHq-30saNCS9S7pJafe37S1b6ZRxWXcnx6HbrHFFTNIk7-gFQ7_NJlET47w0naS8deLtIG/pubhtml"
},
{
"type": "WEB",
"url": "https://words.filippo.io/dispatches/openssl-punycode/"
}
],
"summary": "X.509 Email Address Variable Length Buffer Overflow."
}
},
"id": "GSD-2022-3786",
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"modified": "2022-11-01T16:54:00.550547Z",
"osvSchema": {
"aliases": [
"CVE-2022-3786"
],
"details": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"id": "GSD-2022-3786",
"modified": "2023-12-13T01:19:39.834654Z",
"schema_version": "1.4.0"
},
"references": [
{
"type": "ADVISORY",
"url": "https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html"
},
{
"type": "ADVISORY",
"url": "https://github.com/NCSC-NL/OpenSSL-2022"
},
{
"type": "ADVISORY",
"url": "https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-267005-1032.html"
},
{
"type": "ADVISORY",
"url": "https://github.com/pblumo/openssl-vuln-nov-2022/"
},
{
"type": "ADVISORY",
"url": "https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/"
},
{
"type": "FIX",
"url": "https://github.com/openssl/openssl/commit/680e65b94c916af259bfdc2e25f1ab6e0c7a97d6"
},
{
"type": "FIX",
"url": "https://www.openssl.org/source/openssl-3.0.7.tar.gz"
},
{
"type": "WEB",
"url": "https://www.techsolvency.com/story-so-far/cve-tbd-openssl-3.0.7-critical/"
},
{
"type": "WEB",
"url": "https://docs.google.com/spreadsheets/d/e/2PACX-1vT7ih8XJ5LHq-30saNCS9S7pJafe37S1b6ZRxWXcnx6HbrHFFTNIk7-gFQ7_NJlET47w0naS8deLtIG/pubhtml"
},
{
"type": "WEB",
"url": "https://words.filippo.io/dispatches/openssl-punycode/"
}
],
"schema_version": "1.3.1"
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"ID": "CVE-2022-3786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Viktor Dukhovni"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev",
"importer": "vulnxml2json5.py 2022-11-04 07:19:07.034873"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20221101.txt",
"refsource": "MISC",
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a",
"refsource": "MISC",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=3.0.0 \u003c3.0.7",
"affected_versions": "All versions starting from 3.0.0 before 3.0.7",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-120",
"CWE-937"
],
"date": "2023-01-19",
"description": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"fixed_versions": [
"3.0.7"
],
"identifier": "CVE-2022-3786",
"identifiers": [
"CVE-2022-3786"
],
"not_impacted": "All versions before 3.0.0, all versions starting from 3.0.7",
"package_slug": "conan/openssl",
"pubdate": "2022-11-01",
"solution": "Upgrade to version 3.0.7 or above.",
"title": "X.509 Email Address Variable Length Buffer Overflow",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-3786",
"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/",
"https://www.openssl.org/news/secadv/20221101.txt"
],
"uuid": "08e59ba6-c580-404e-a0e2-792f7334dc9a"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.7",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:19.0.0:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:18.12.0:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "18.11.0",
"versionStartIncluding": "18.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"ID": "CVE-2022-3786"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20221101.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20221101.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-01-19T15:47Z",
"publishedDate": "2022-11-01T18:15Z"
}
}
}
ICSA-22-349-09
Vulnerability from csaf_cisa - Published: 2022-12-13 00:00 - Updated: 2026-04-16 06:00Summary
Siemens Products affected by OpenSSL 3.0
Notes
Summary: The openSSL component, versions 3.0.0 through 3.0.6, contains two buffer overflow vulnerabilities (CVE-2022-3602, CVE-2022-3786) in the X.509 certificate verification [0]. They could allow an attacker to create a denial of service condition or execute arbitrary code on a vulnerable TLS server (if the server requests client certificate authentication), or on a vulnerable TLS client.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.
[0] https://www.openssl.org/news/secadv/20221101.txt
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Siemens ProductCERT SSA-408105 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
vers:intdot/>=2022.4|<2023.1 |
Mitigation
Mitigation
Vendor Fix
|
|
|
Mcenter
Siemens / Mcenter
|
vers:intdot/>=5.2.1|<5.3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
Siemens / SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
|
6GK5204-0BA00-2MB2
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
Siemens / SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
|
6GK5204-0BA00-2KB2
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
Siemens / SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
|
6GK5204-0BS00-2NA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
Siemens / SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
|
6GK5204-0BS00-3LA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
Siemens / SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
|
6GK5204-0BS00-3PA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SICAM GridPass
Siemens / SICAM GridPass
|
vers:intdot/>=1.80|<2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC RTLS Locating Manager
Siemens / SIMATIC RTLS Locating Manager
|
vers:intdot/>=2.13.0.0|<2.13.0.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
vers:intdot/>=2022.4|<2023.1 |
Mitigation
Mitigation
Vendor Fix
|
|
|
Mcenter
Siemens / Mcenter
|
vers:intdot/>=5.2.1|<5.3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
Siemens / SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
|
6GK5204-0BA00-2MB2
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
Siemens / SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
|
6GK5204-0BA00-2KB2
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
Siemens / SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
|
6GK5204-0BS00-2NA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
Siemens / SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
|
6GK5204-0BS00-3LA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
Siemens / SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
|
6GK5204-0BS00-3PA3
|
vers:intdot/>=3.2.7|<3.2.8 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SICAM GridPass
Siemens / SICAM GridPass
|
vers:intdot/>=1.80|<2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC RTLS Locating Manager
Siemens / SIMATIC RTLS Locating Manager
|
vers:intdot/>=2.13.0.0|<2.13.0.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
References
14 references
| URL | Category |
|---|---|
| https://cert-portal.siemens.com/productcert/csaf/… | self |
| https://cert-portal.siemens.com/productcert/html/… | self |
| https://raw.githubusercontent.com/cisagov/CSAF/de… | self |
| https://www.cisa.gov/news-events/ics-advisories/i… | self |
| https://www.cisa.gov/news-events/ics-alerts/ics-a… | external |
| https://www.cisa.gov/resources-tools/resources/ic… | external |
| https://www.cisa.gov/topics/industrial-control-systems | external |
| https://www.cisa.gov/sites/default/files/recommen… | external |
| https://www.cisa.gov/sites/default/files/publicat… | external |
| https://www.cisa.gov/news-events/news/targeted-cy… | external |
| https://www.cve.org/CVERecord?id=CVE-2022-3602 | external |
| https://cwe.mitre.org/data/definitions/120.html | external |
| https://www.first.org/cvss/calculator/3.1#CVSS:3.… | external |
| https://www.cve.org/CVERecord?id=CVE-2022-3786 | external |
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reported these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The openSSL component, versions 3.0.0 through 3.0.6, contains two buffer overflow vulnerabilities (CVE-2022-3602, CVE-2022-3786) in the X.509 certificate verification [0]. They could allow an attacker to create a denial of service condition or execute arbitrary code on a vulnerable TLS server (if the server requests client certificate authentication), or on a vulnerable TLS client.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.\n\n[0] https://www.openssl.org/news/secadv/20221101.txt",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-408105 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
},
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-408105.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-09 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-09.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-09 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-09"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens Products affected by OpenSSL 3.0",
"tracking": {
"current_release_date": "2026-04-16T06:00:00.000000Z",
"generator": {
"date": "2026-04-15T16:33:45.436947Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.5.0"
}
},
"id": "ICSA-22-349-09",
"initial_release_date": "2022-12-13T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-12-13T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2023-04-11T00:00:00.000000Z",
"legacy_version": "Additional Release 1",
"number": "2",
"summary": "Added fix for Calibre ICE and SICAM GridPass"
},
{
"date": "2023-07-11T00:00:00.000000Z",
"legacy_version": "Additional Release 2",
"number": "3",
"summary": "Added fix for Mcenter (SINUMERIK Integrate) and for SIMATIC RTLS Locating Manager"
},
{
"date": "2025-12-09T00:00:00.000000Z",
"legacy_version": "Additional Release 3",
"number": "4",
"summary": "Added fix for SCALANCE X-200RNA family"
},
{
"date": "2026-04-14T00:00:00.000000Z",
"legacy_version": "Additional Release 4",
"number": "5",
"summary": "Expanded SCALANCE X-200RNA family to individual products and MLFB IDs"
},
{
"date": "2026-04-16T06:00:00.000000Z",
"legacy_version": "Latest Updated CISA Republication",
"number": "6",
"summary": "CISA Republication update based on Siemens ProductCERT SSA-408105 advisory"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=2022.4|\u003c2023.1",
"product": {
"name": "Calibre ICE",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Calibre ICE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=5.2.1|\u003c5.3.0",
"product": {
"name": "Mcenter",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Mcenter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.2.7|\u003c3.2.8",
"product": {
"name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2MB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.2.7|\u003c3.2.8",
"product": {
"name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2KB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.2.7|\u003c3.2.8",
"product": {
"name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-2NA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.2.7|\u003c3.2.8",
"product": {
"name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-3LA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.2.7|\u003c3.2.8",
"product": {
"name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-3PA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=1.80|\u003c2.20",
"product": {
"name": "SICAM GridPass",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "SICAM GridPass"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=2.13.0.0|\u003c2.13.0.3",
"product": {
"name": "SIMATIC RTLS Locating Manager",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0008"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.13.0.3 or later version",
"product_ids": [
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109821005/"
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.2.8 or later version",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109995126/"
},
{
"category": "vendor_fix",
"details": "Update to V5.3.0 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://download.industrysoftware.automation.siemens.com/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
}
],
"title": "CVE-2022-3602"
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0008"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.13.0.3 or later version",
"product_ids": [
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109821005/"
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.2.8 or later version",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109995126/"
},
{
"category": "vendor_fix",
"details": "Update to V5.3.0 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://download.industrysoftware.automation.siemens.com/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
}
],
"title": "CVE-2022-3786"
}
]
}
ICSA-22-349-10
Vulnerability from csaf_cisa - Published: 2022-12-15 00:00 - Updated: 2025-05-06 06:00Summary
Siemens APOGEE/TALON Field Panels
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of this vulnerability could allow an attacker to hijack existing sessions or spoof future sessions.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens operational guidelines for industrial security and to follow the recommendations in the product manuals.
For more information, see the associated Siemens security advisory SSA-408105 in HTML and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability: No known public exploits specifically target this vulnerability.
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
>=V2022.4<V2023.1 |
Mitigation
Mitigation
Vendor Fix
fix
Mitigation
|
|
|
Mcenter
Siemens / Mcenter
|
>=V5.2.1.0 |
Mitigation
Mitigation
Mitigation
None Available
Mitigation
|
|
|
SCALANCE X-200RNA switch family
Siemens / SCALANCE X-200RNA switch family
|
>=V3.2.7 |
Mitigation
Mitigation
None Available
Mitigation
|
|
|
SICAM GridPass (6MD7711-2AA00-1EA0)
Siemens / SICAM GridPass (6MD7711-2AA00-1EA0)
|
6MD7711-2AA00-1EA0
|
>=V1.80<V2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
Mitigation
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA00)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA00)
|
6GT2780-0DA00
|
>=V2.13 |
Mitigation
Mitigation
None Available
Mitigation
|
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
>=V2022.4<V2023.1 |
Mitigation
Mitigation
Vendor Fix
fix
Mitigation
|
|
|
Mcenter
Siemens / Mcenter
|
>=V5.2.1.0 |
Mitigation
Mitigation
Mitigation
None Available
Mitigation
|
|
|
SCALANCE X-200RNA switch family
Siemens / SCALANCE X-200RNA switch family
|
>=V3.2.7 |
Mitigation
Mitigation
None Available
Mitigation
|
|
|
SICAM GridPass (6MD7711-2AA00-1EA0)
Siemens / SICAM GridPass (6MD7711-2AA00-1EA0)
|
6MD7711-2AA00-1EA0
|
>=V1.80<V2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
Mitigation
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA00)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA00)
|
6GT2780-0DA00
|
>=V2.13 |
Mitigation
Mitigation
None Available
Mitigation
|
References
8 references
| URL | Category |
|---|---|
| https://cert-portal.siemens.com/productcert/csaf/… | external |
| https://raw.githubusercontent.com/cisagov/CSAF/de… | self |
| https://www.cisa.gov/news-events/ics-advisories/i… | self |
| https://us-cert.cisa.gov/sites/default/files/reco… | external |
| https://cert-portal.siemens.com/productcert/html/… | external |
| https://cert-portal.siemens.com/productcert/csaf/… | external |
| https://cert-portal.siemens.com/productcert/pdf/s… | external |
| https://cert-portal.siemens.com/productcert/txt/s… | external |
Acknowledgments
Siemens
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow an attacker to hijack existing sessions or spoof future sessions.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": " Critical Manufacturing ",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": " Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": " Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens operational guidelines for industrial security and to follow the recommendations in the product manuals.\nFor more information, see the associated Siemens security advisory SSA-408105 in HTML and CSAF.\nCISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-10 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-10.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-10 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-10"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-408105.html"
},
{
"category": "external",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
},
{
"category": "external",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-408105.pdf"
},
{
"category": "external",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-408105.txt"
}
],
"title": "Siemens APOGEE/TALON Field Panels",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-349-10",
"initial_release_date": "2022-12-15T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-12-15T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "2",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2022.4\u003cV2023.1",
"product": {
"name": "Calibre ICE",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Calibre ICE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V5.2.1.0",
"product": {
"name": "Mcenter",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Mcenter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.2.7",
"product": {
"name": "SCALANCE X-200RNA switch family",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200RNA switch family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.80\u003cV2.20",
"product": {
"name": "SICAM GridPass (6MD7711-2AA00-1EA0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6MD7711-2AA00-1EA0"
]
}
}
}
],
"category": "product_name",
"name": "SICAM GridPass (6MD7711-2AA00-1EA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.13",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA00)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GT2780-0DA00"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA00)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0005"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2022-3602"
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0005"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2022-3786"
}
]
}
ICSA-22-349-12
Vulnerability from csaf_cisa - Published: 2022-12-13 00:00 - Updated: 2025-05-06 06:00Summary
Siemens Parasolid
Notes
Summary: The openSSL component, versions 3.0.0 through 3.0.6, contains two buffer overflow vulnerabilities (CVE-2022-3602, CVE-2022-3786) in the X.509 certificate verification [0]. They could allow an attacker to create a denial of service condition or execute arbitrary code on a vulnerable TLS server (if the server requests client certificate authentication), or on a vulnerable TLS client.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.
[0]
https://www.openssl.org/news/secadv/20221101.txt
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors: Multiple
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
>=V2022.4<V2023.1 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
Mcenter
Siemens / Mcenter
|
>=V5.2.1<V5.3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE X-200RNA switch family
Siemens / SCALANCE X-200RNA switch family
|
>=V3.2.7 |
Mitigation
Mitigation
None Available
|
|
|
SICAM GridPass (6MD7711-2AA00-1EA0)
Siemens / SICAM GridPass (6MD7711-2AA00-1EA0)
|
6MD7711-2AA00-1EA0
|
>=V1.80<V2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC RTLS Locating Manager
Siemens / SIMATIC RTLS Locating Manager
|
>=V2.13<V2.13.0.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Calibre ICE
Siemens / Calibre ICE
|
>=V2022.4<V2023.1 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
Mcenter
Siemens / Mcenter
|
>=V5.2.1<V5.3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE X-200RNA switch family
Siemens / SCALANCE X-200RNA switch family
|
>=V3.2.7 |
Mitigation
Mitigation
None Available
|
|
|
SICAM GridPass (6MD7711-2AA00-1EA0)
Siemens / SICAM GridPass (6MD7711-2AA00-1EA0)
|
6MD7711-2AA00-1EA0
|
>=V1.80<V2.20 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC RTLS Locating Manager
Siemens / SIMATIC RTLS Locating Manager
|
>=V2.13<V2.13.0.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
References
12 references
| URL | Category |
|---|---|
| https://cert-portal.siemens.com/productcert/csaf/… | self |
| https://cert-portal.siemens.com/productcert/html/… | self |
| https://cert-portal.siemens.com/productcert/pdf/s… | self |
| https://cert-portal.siemens.com/productcert/txt/s… | self |
| https://raw.githubusercontent.com/cisagov/CSAF/de… | self |
| https://www.cisa.gov/news-events/ics-advisories/i… | self |
| https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-… | external |
| https://www.cisa.gov/resources-tools/resources/ic… | external |
| https://www.cisa.gov/topics/industrial-control-systems | external |
| https://us-cert.cisa.gov/sites/default/files/reco… | external |
| https://www.cisa.gov/sites/default/files/publicat… | external |
| https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B | external |
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The openSSL component, versions 3.0.0 through 3.0.6, contains two buffer overflow vulnerabilities (CVE-2022-3602, CVE-2022-3786) in the X.509 certificate verification [0]. They could allow an attacker to create a denial of service condition or execute arbitrary code on a vulnerable TLS server (if the server requests client certificate authentication), or on a vulnerable TLS client.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.\n\n[0] \nhttps://www.openssl.org/news/secadv/20221101.txt",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
},
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-408105.html"
},
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-408105.pdf"
},
{
"category": "self",
"summary": "SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-408105.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-12 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-12.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-12 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-12"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens Parasolid",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-349-12",
"initial_release_date": "2022-12-13T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-12-13T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2023-04-11T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added fix for Calibre ICE and SICAM GridPass"
},
{
"date": "2023-07-11T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added fix for Mcenter (SINUMERIK Integrate) and for SIMATIC RTLS Locating Manager"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "4",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2022.4\u003cV2023.1",
"product": {
"name": "Calibre ICE",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Calibre ICE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V5.2.1\u003cV5.3.0",
"product": {
"name": "Mcenter",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Mcenter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.2.7",
"product": {
"name": "SCALANCE X-200RNA switch family",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200RNA switch family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V1.80\u003cV2.20",
"product": {
"name": "SICAM GridPass (6MD7711-2AA00-1EA0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6MD7711-2AA00-1EA0"
]
}
}
}
],
"category": "product_name",
"name": "SICAM GridPass (6MD7711-2AA00-1EA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.13\u003cV2.13.0.3",
"product": {
"name": "SIMATIC RTLS Locating Manager",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.13.0.3 or later version",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109821005/"
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/"
},
{
"category": "vendor_fix",
"details": "Update to V5.3.0 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://download.industrysoftware.automation.siemens.com/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2022-3602"
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: Ensure that only trusted (CA) certificates are contained in the Machine Agent\u0027s truststore",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension (\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.13.0.3 or later version",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109821005/"
},
{
"category": "vendor_fix",
"details": "Update to V2.20 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763384/"
},
{
"category": "vendor_fix",
"details": "Update to V2023.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/"
},
{
"category": "vendor_fix",
"details": "Update to V5.3.0 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://download.industrysoftware.automation.siemens.com/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2022-3786"
}
]
}
ICSA-23-005-03
Vulnerability from csaf_cisa - Published: 2023-01-05 00:00 - Updated: 2023-01-05 00:00Summary
Hitachi Energy Lumada Asset Performance Management
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could cause a denial-of-service condition or unauthorized remote arbitrary code execution.
Critical infrastructure sectors: Energy
Countries/areas deployed: Worldwide
Company headquarters location: Switzerland
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Exploitability: No known public exploits specifically target these vulnerabilities.
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lumada Asset Performance Management (APM): Lumada APM: Version 6.5.0.0
Hitachi Energy / Lumada APM
|
6.5.0.0 |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lumada Asset Performance Management (APM): Lumada APM: Version 6.5.0.0
Hitachi Energy / Lumada APM
|
6.5.0.0 |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lumada Asset Performance Management (APM): Lumada APM: Version 6.5.0.0
Hitachi Energy / Lumada APM
|
6.5.0.0 |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Lumada Asset Performance Management (APM): Lumada APM: Versions 6.1.0.0 through 6.4.0.0 (CVE-2022-37434 only)
Hitachi Energy / Lumada APM
|
>= 6.1.0.0 | <= 6.4.0.0 (CVE-2022-37434 only) |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
References
6 references
| URL | Category |
|---|---|
| https://raw.githubusercontent.com/cisagov/CSAF/de… | self |
| https://www.cisa.gov/news-events/ics-advisories/i… | self |
| https://us-cert.cisa.gov/sites/default/files/reco… | external |
| http://web.nvd.nist.gov/view/vuln/detail?vulnId=C… | external |
| https://www.first.org/cvss/calculator/3.0#CVSS:3.… | external |
| http://web.nvd.nist.gov/view/vuln/detail?vulnId=C… | external |
Acknowledgments
Hitachi Energy
{
"document": {
"acknowledgments": [
{
"organization": "Hitachi Energy",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could cause a denial-of-service condition or unauthorized remote arbitrary code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": " Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": " Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": " Switzerland",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-23-005-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-005-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-23-005-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-005-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
}
],
"title": "Hitachi Energy Lumada Asset Performance Management",
"tracking": {
"current_release_date": "2023-01-05T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-23-005-03",
"initial_release_date": "2023-01-05T00:00:00.000000Z",
"revision_history": [
{
"date": "2023-01-05T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.5.0.0",
"product": {
"name": "Lumada Asset Performance Management (APM): Lumada APM: Version 6.5.0.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Lumada APM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 6.1.0.0 | \u003c= 6.4.0.0 (CVE-2022-37434 only)",
"product": {
"name": "Lumada Asset Performance Management (APM): Lumada APM: Versions 6.1.0.0 through 6.4.0.0 (CVE-2022-37434 only)",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Lumada APM"
}
],
"category": "vendor",
"name": "Hitachi Energy"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"cwe": {
"id": "CWE-1357",
"name": "Reliance on Insufficiently Trustworthy Component"
},
"notes": [
{
"category": "summary",
"text": "The affected versions of Lumada APM rely on a version of OpenSSL that contains a buffer overflow vulnerability. A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. In Lumada APM, this can be triggered by configuring APM to connect to a malicious server for one of the supported integrations. This may cause a crash of the specific APM service implementing the integration (causing a denial of service).CVE-2022-3602 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3602"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For all listed vulnerabilities: Lumada APM Version 6.5.0.1 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Users should contact Hitachi Energy for instructions on acquiring and installing the new versions.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Note: Hitachi Energy has already remediated these vulnerabilities for cloud-based deployments (software-as-a-service) of Lumada APM.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Hitachi Energy encourages users to apply recommended security practices and firewall configurations. ",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Protect process control systems from physical access by unauthorized personnel.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not allow process control systems to have direct connections to the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Separate process control systems from other networks via a firewall system with a minimal number of exposed ports.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Have security updates applied to installed software components.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not use process control systems for personal use such as web browsing or checking emails.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Carefully scan portable computers and removable storage media for viruses before connection to a control system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information, see Hitachi Energy advisory 8DBD000134.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000134"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-1357",
"name": "Reliance on Insufficiently Trustworthy Component"
},
"notes": [
{
"category": "summary",
"text": "The affected versions of Lumada APM rely on a version of OpenSSL that contains a buffer overflow vulnerability. A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. In Lumada APM, this can be triggered by configuring APM to connect to a malicious server for one of the supported integrations. This may cause a crash of the specific APM service implementing the integration (causing a denial of service).CVE-2022-3786 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).\n",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For all listed vulnerabilities: Lumada APM Version 6.5.0.1 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Users should contact Hitachi Energy for instructions on acquiring and installing the new versions.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Note: Hitachi Energy has already remediated these vulnerabilities for cloud-based deployments (software-as-a-service) of Lumada APM.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Hitachi Energy encourages users to apply recommended security practices and firewall configurations. ",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Protect process control systems from physical access by unauthorized personnel.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not allow process control systems to have direct connections to the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Separate process control systems from other networks via a firewall system with a minimal number of exposed ports.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Have security updates applied to installed software components.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not use process control systems for personal use such as web browsing or checking emails.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Carefully scan portable computers and removable storage media for viruses before connection to a control system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information, see Hitachi Energy advisory 8DBD000134.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000134"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-37434",
"cwe": {
"id": "CWE-1357",
"name": "Reliance on Insufficiently Trustworthy Component"
},
"notes": [
{
"category": "summary",
"text": "The affected versions of Lumada APM rely on a version of zlib that contains an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in denial of service or potentially the execution of arbitrary code.CVE-2022-37434 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For all listed vulnerabilities: Lumada APM Version 6.5.0.1 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For CVE-2022-37434 only: Lumada APM Version 6.4.0.1 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Users should contact Hitachi Energy for instructions on acquiring and installing the new versions.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Note: Hitachi Energy has already remediated these vulnerabilities for cloud-based deployments (software-as-a-service) of Lumada APM.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Hitachi Energy encourages users to apply recommended security practices and firewall configurations. ",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Protect process control systems from physical access by unauthorized personnel.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not allow process control systems to have direct connections to the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Separate process control systems from other networks via a firewall system with a minimal number of exposed ports.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Have security updates applied to installed software components.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Do not use process control systems for personal use such as web browsing or checking emails.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Carefully scan portable computers and removable storage media for viruses before connection to a control system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information, see Hitachi Energy advisory 8DBD000134.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000134"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…