Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-0133 (GCVE-0-2025-0133)
Vulnerability from cvelistv5
Published
2025-05-14 18:07
Modified
2025-05-14 20:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN.
There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.
For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Version: 11.2.0 < 11.2.8 Version: 11.1.0 < 11.1.11 Version: 10.2.0 < 10.2.17 Version: 10.1.0 < cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T20:51:07.672908Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T20:51:15.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "11.2.8",
"status": "unaffected"
}
],
"lessThan": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.11",
"status": "unaffected"
}
],
"lessThan": "11.1.11",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.17",
"status": "unaffected"
}
],
"lessThan": "10.2.17",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect gateway or portal."
}
],
"value": "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect gateway or portal."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XBOW Security"
}
],
"datePublic": "2025-05-14T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eA reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.\u003c/p\u003e\u003cp\u003eThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\"\u003ePAN-SA-2025-0005\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\"\u003e\u003c/a\u003e. There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.\u003c/p\u003e"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.\n\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\n\n\n\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u0026nbsp;"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Without Clientless VPN"
}
]
},
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "With Clientless VPN enabled, there are inherent risks that facilitate credential stealing (enumerated in PAN-SA-2025-0005)."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T18:07:36.381Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0133"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.8 or later [ETA June 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.10\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.11 or later [ETA July 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.16\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.17 or later [ETA August 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.17 or later [ETA August 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older unsupported PAN-OS versions\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003ePAN-OS 10.1 is in\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\"\u003eL\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\"\u003eimited Support\u003c/a\u003e\u0026nbsp;and reaches\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary\"\u003eSoftware EOL in August 2025\u003c/a\u003e.\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\"\u003e\u003c/a\u003e"
}
],
"value": "VersionMinor VersionSuggested SolutionPAN-OS 11.211.2.0 through 11.2.7Upgrade to 11.2.8 or later [ETA June 2025]PAN-OS 11.111.1.0 through 11.1.10Upgrade to 11.1.11 or later [ETA July 2025]PAN-OS 10.210.2.0 through 10.2.16Upgrade to 10.2.17 or later [ETA August 2025]PAN-OS 10.110.1.0 through 10.1.14Upgrade to 10.2.17 or later [ETA August 2025]All other older unsupported PAN-OS versions\n\nUpgrade to a supported fixed version\nPAN-OS 10.1 is in\u00a0 L https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy imited Support https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy \u00a0and reaches\u00a0 Software EOL in August 2025 https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary .\n\n https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy"
}
],
"source": {
"defect": [
"PAN-287002"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-05-14T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510003 and 510004 (introduced in Applications and Threats content version 8970).\u003c/p\u003e\u003cp\u003eYou can also disable Clientless VPN. For more information, review the security advisory\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\"\u003ePAN-SA-2025-0005\u003c/a\u003e.\u003c/p\u003e"
}
],
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510003 and 510004 (introduced in Applications and Threats content version 8970).\n\nYou can also disable Clientless VPN. For more information, review the security advisory\u00a0 PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 ."
}
],
"x_affectedList": [
"PAN-OS 11.2.6",
"PAN-OS 11.2.5",
"PAN-OS 11.2.4-h7",
"PAN-OS 11.2.4-h6",
"PAN-OS 11.2.4-h5",
"PAN-OS 11.2.4-h4",
"PAN-OS 11.2.4-h3",
"PAN-OS 11.2.4-h2",
"PAN-OS 11.2.4-h1",
"PAN-OS 11.2.4",
"PAN-OS 11.2.3-h5",
"PAN-OS 11.2.3-h4",
"PAN-OS 11.2.3-h3",
"PAN-OS 11.2.3-h2",
"PAN-OS 11.2.3-h1",
"PAN-OS 11.2.3",
"PAN-OS 11.2.2-h2",
"PAN-OS 11.2.2-h1",
"PAN-OS 11.2.1-h1",
"PAN-OS 11.2.1",
"PAN-OS 11.2.0-h1",
"PAN-OS 11.2.0",
"PAN-OS 11.1.9",
"PAN-OS 11.1.8",
"PAN-OS 11.1.6-h7",
"PAN-OS 11.1.6-h6",
"PAN-OS 11.1.6-h4",
"PAN-OS 11.1.6-h3",
"PAN-OS 11.1.6-h2",
"PAN-OS 11.1.6-h1",
"PAN-OS 11.1.6",
"PAN-OS 11.1.5-h1",
"PAN-OS 11.1.5",
"PAN-OS 11.1.4-h18",
"PAN-OS 11.1.4-h17",
"PAN-OS 11.1.4-h15",
"PAN-OS 11.1.4-h13",
"PAN-OS 11.1.4-h12",
"PAN-OS 11.1.4-h11",
"PAN-OS 11.1.4-h10",
"PAN-OS 11.1.4-h9",
"PAN-OS 11.1.4-h8",
"PAN-OS 11.1.4-h7",
"PAN-OS 11.1.4-h6",
"PAN-OS 11.1.4-h5",
"PAN-OS 11.1.4-h4",
"PAN-OS 11.1.4-h3",
"PAN-OS 11.1.4-h2",
"PAN-OS 11.1.4-h1",
"PAN-OS 11.1.4",
"PAN-OS 11.1.3-h13",
"PAN-OS 11.1.3-h12",
"PAN-OS 11.1.3-h11",
"PAN-OS 11.1.3-h10",
"PAN-OS 11.1.3-h9",
"PAN-OS 11.1.3-h8",
"PAN-OS 11.1.3-h7",
"PAN-OS 11.1.3-h6",
"PAN-OS 11.1.3-h5",
"PAN-OS 11.1.3-h4",
"PAN-OS 11.1.3-h3",
"PAN-OS 11.1.3-h2",
"PAN-OS 11.1.3-h1",
"PAN-OS 11.1.3",
"PAN-OS 11.1.2-h18",
"PAN-OS 11.1.2-h17",
"PAN-OS 11.1.2-h16",
"PAN-OS 11.1.2-h15",
"PAN-OS 11.1.2-h14",
"PAN-OS 11.1.2-h13",
"PAN-OS 11.1.2-h12",
"PAN-OS 11.1.2-h11",
"PAN-OS 11.1.2-h10",
"PAN-OS 11.1.2-h9",
"PAN-OS 11.1.2-h8",
"PAN-OS 11.1.2-h7",
"PAN-OS 11.1.2-h6",
"PAN-OS 11.1.2-h5",
"PAN-OS 11.1.2-h4",
"PAN-OS 11.1.2-h3",
"PAN-OS 11.1.2-h2",
"PAN-OS 11.1.2-h1",
"PAN-OS 11.1.2",
"PAN-OS 11.1.1-h2",
"PAN-OS 11.1.1-h1",
"PAN-OS 11.1.1",
"PAN-OS 11.1.0-h4",
"PAN-OS 11.1.0-h3",
"PAN-OS 11.1.0-h2",
"PAN-OS 11.1.0-h1",
"PAN-OS 11.1.0",
"PAN-OS 10.2.14-h1",
"PAN-OS 10.2.14",
"PAN-OS 10.2.13-h7",
"PAN-OS 10.2.13-h5",
"PAN-OS 10.2.13-h4",
"PAN-OS 10.2.13-h3",
"PAN-OS 10.2.13-h2",
"PAN-OS 10.2.13-h1",
"PAN-OS 10.2.13",
"PAN-OS 10.2.12-h6",
"PAN-OS 10.2.12-h5",
"PAN-OS 10.2.12-h4",
"PAN-OS 10.2.12-h3",
"PAN-OS 10.2.12-h2",
"PAN-OS 10.2.12-h1",
"PAN-OS 10.2.12",
"PAN-OS 10.2.11-h13",
"PAN-OS 10.2.11-h12",
"PAN-OS 10.2.11-h11",
"PAN-OS 10.2.11-h10",
"PAN-OS 10.2.11-h9",
"PAN-OS 10.2.11-h8",
"PAN-OS 10.2.11-h7",
"PAN-OS 10.2.11-h6",
"PAN-OS 10.2.11-h5",
"PAN-OS 10.2.11-h4",
"PAN-OS 10.2.11-h3",
"PAN-OS 10.2.11-h2",
"PAN-OS 10.2.11-h1",
"PAN-OS 10.2.11",
"PAN-OS 10.2.10-h18",
"PAN-OS 10.2.10-h17",
"PAN-OS 10.2.10-h14",
"PAN-OS 10.2.10-h13",
"PAN-OS 10.2.10-h12",
"PAN-OS 10.2.10-h11",
"PAN-OS 10.2.10-h10",
"PAN-OS 10.2.10-h9",
"PAN-OS 10.2.10-h8",
"PAN-OS 10.2.10-h7",
"PAN-OS 10.2.10-h6",
"PAN-OS 10.2.10-h5",
"PAN-OS 10.2.10-h4",
"PAN-OS 10.2.10-h3",
"PAN-OS 10.2.10-h2",
"PAN-OS 10.2.10-h1",
"PAN-OS 10.2.10",
"PAN-OS 10.2.9-h21",
"PAN-OS 10.2.9-h20",
"PAN-OS 10.2.9-h19",
"PAN-OS 10.2.9-h18",
"PAN-OS 10.2.9-h17",
"PAN-OS 10.2.9-h16",
"PAN-OS 10.2.9-h15",
"PAN-OS 10.2.9-h14",
"PAN-OS 10.2.9-h13",
"PAN-OS 10.2.9-h12",
"PAN-OS 10.2.9-h11",
"PAN-OS 10.2.9-h10",
"PAN-OS 10.2.9-h9",
"PAN-OS 10.2.9-h8",
"PAN-OS 10.2.9-h7",
"PAN-OS 10.2.9-h6",
"PAN-OS 10.2.9-h5",
"PAN-OS 10.2.9-h4",
"PAN-OS 10.2.9-h3",
"PAN-OS 10.2.9-h2",
"PAN-OS 10.2.9-h1",
"PAN-OS 10.2.9",
"PAN-OS 10.2.8-h21",
"PAN-OS 10.2.8-h20",
"PAN-OS 10.2.8-h19",
"PAN-OS 10.2.8-h18",
"PAN-OS 10.2.8-h17",
"PAN-OS 10.2.8-h16",
"PAN-OS 10.2.8-h15",
"PAN-OS 10.2.8-h14",
"PAN-OS 10.2.8-h13",
"PAN-OS 10.2.8-h12",
"PAN-OS 10.2.8-h11",
"PAN-OS 10.2.8-h10",
"PAN-OS 10.2.8-h9",
"PAN-OS 10.2.8-h8",
"PAN-OS 10.2.8-h7",
"PAN-OS 10.2.8-h6",
"PAN-OS 10.2.8-h5",
"PAN-OS 10.2.8-h4",
"PAN-OS 10.2.8-h3",
"PAN-OS 10.2.8-h2",
"PAN-OS 10.2.8-h1",
"PAN-OS 10.2.8",
"PAN-OS 10.2.7-h24",
"PAN-OS 10.2.7-h23",
"PAN-OS 10.2.7-h22",
"PAN-OS 10.2.7-h21",
"PAN-OS 10.2.7-h20",
"PAN-OS 10.2.7-h19",
"PAN-OS 10.2.7-h18",
"PAN-OS 10.2.7-h17",
"PAN-OS 10.2.7-h16",
"PAN-OS 10.2.7-h15",
"PAN-OS 10.2.7-h14",
"PAN-OS 10.2.7-h13",
"PAN-OS 10.2.7-h12",
"PAN-OS 10.2.7-h11",
"PAN-OS 10.2.7-h10",
"PAN-OS 10.2.7-h9",
"PAN-OS 10.2.7-h8",
"PAN-OS 10.2.7-h7",
"PAN-OS 10.2.7-h6",
"PAN-OS 10.2.7-h5",
"PAN-OS 10.2.7-h4",
"PAN-OS 10.2.7-h3",
"PAN-OS 10.2.7-h2",
"PAN-OS 10.2.7-h1",
"PAN-OS 10.2.7",
"PAN-OS 10.2.6-h6",
"PAN-OS 10.2.6-h5",
"PAN-OS 10.2.6-h4",
"PAN-OS 10.2.6-h3",
"PAN-OS 10.2.6-h2",
"PAN-OS 10.2.6-h1",
"PAN-OS 10.2.6",
"PAN-OS 10.2.5-h9",
"PAN-OS 10.2.5-h8",
"PAN-OS 10.2.5-h7",
"PAN-OS 10.2.5-h6",
"PAN-OS 10.2.5-h5",
"PAN-OS 10.2.5-h4",
"PAN-OS 10.2.5-h3",
"PAN-OS 10.2.5-h2",
"PAN-OS 10.2.5-h1",
"PAN-OS 10.2.5",
"PAN-OS 10.2.4-h32",
"PAN-OS 10.2.4-h31",
"PAN-OS 10.2.4-h30",
"PAN-OS 10.2.4-h29",
"PAN-OS 10.2.4-h28",
"PAN-OS 10.2.4-h27",
"PAN-OS 10.2.4-h26",
"PAN-OS 10.2.4-h25",
"PAN-OS 10.2.4-h24",
"PAN-OS 10.2.4-h23",
"PAN-OS 10.2.4-h22",
"PAN-OS 10.2.4-h21",
"PAN-OS 10.2.4-h20",
"PAN-OS 10.2.4-h19",
"PAN-OS 10.2.4-h18",
"PAN-OS 10.2.4-h17",
"PAN-OS 10.2.4-h16",
"PAN-OS 10.2.4-h15",
"PAN-OS 10.2.4-h14",
"PAN-OS 10.2.4-h13",
"PAN-OS 10.2.4-h12",
"PAN-OS 10.2.4-h11",
"PAN-OS 10.2.4-h10",
"PAN-OS 10.2.4-h9",
"PAN-OS 10.2.4-h8",
"PAN-OS 10.2.4-h7",
"PAN-OS 10.2.4-h6",
"PAN-OS 10.2.4-h5",
"PAN-OS 10.2.4-h4",
"PAN-OS 10.2.4-h3",
"PAN-OS 10.2.4-h2",
"PAN-OS 10.2.4-h1",
"PAN-OS 10.2.4",
"PAN-OS 10.2.3-h14",
"PAN-OS 10.2.3-h13",
"PAN-OS 10.2.3-h12",
"PAN-OS 10.2.3-h11",
"PAN-OS 10.2.3-h10",
"PAN-OS 10.2.3-h9",
"PAN-OS 10.2.3-h8",
"PAN-OS 10.2.3-h7",
"PAN-OS 10.2.3-h6",
"PAN-OS 10.2.3-h5",
"PAN-OS 10.2.3-h4",
"PAN-OS 10.2.3-h3",
"PAN-OS 10.2.3-h2",
"PAN-OS 10.2.3-h1",
"PAN-OS 10.2.3",
"PAN-OS 10.2.2-h6",
"PAN-OS 10.2.2-h5",
"PAN-OS 10.2.2-h4",
"PAN-OS 10.2.2-h3",
"PAN-OS 10.2.2-h2",
"PAN-OS 10.2.2-h1",
"PAN-OS 10.2.2",
"PAN-OS 10.2.1-h3",
"PAN-OS 10.2.1-h2",
"PAN-OS 10.2.1-h1",
"PAN-OS 10.2.1",
"PAN-OS 10.2.0-h4",
"PAN-OS 10.2.0-h3",
"PAN-OS 10.2.0-h2",
"PAN-OS 10.2.0-h1",
"PAN-OS 10.2.0",
"PAN-OS 10.1.14-h14",
"PAN-OS 10.1.14-h13",
"PAN-OS 10.1.14-h11",
"PAN-OS 10.1.14-h10",
"PAN-OS 10.1.14-h9",
"PAN-OS 10.1.14-h8",
"PAN-OS 10.1.14-h7",
"PAN-OS 10.1.14-h6",
"PAN-OS 10.1.14-h5",
"PAN-OS 10.1.14-h4",
"PAN-OS 10.1.14-h3",
"PAN-OS 10.1.14-h2",
"PAN-OS 10.1.14-h1",
"PAN-OS 10.1.14",
"PAN-OS 10.1.13-h5",
"PAN-OS 10.1.13-h4",
"PAN-OS 10.1.13-h3",
"PAN-OS 10.1.13-h2",
"PAN-OS 10.1.13-h1",
"PAN-OS 10.1.13",
"PAN-OS 10.1.12-h3",
"PAN-OS 10.1.12-h2",
"PAN-OS 10.1.12-h1",
"PAN-OS 10.1.12",
"PAN-OS 10.1.11-h10",
"PAN-OS 10.1.11-h9",
"PAN-OS 10.1.11-h8",
"PAN-OS 10.1.11-h7",
"PAN-OS 10.1.11-h6",
"PAN-OS 10.1.11-h5",
"PAN-OS 10.1.11-h4",
"PAN-OS 10.1.11-h3",
"PAN-OS 10.1.11-h2",
"PAN-OS 10.1.11-h1",
"PAN-OS 10.1.11",
"PAN-OS 10.1.10-h9",
"PAN-OS 10.1.10-h8",
"PAN-OS 10.1.10-h7",
"PAN-OS 10.1.10-h6",
"PAN-OS 10.1.10-h5",
"PAN-OS 10.1.10-h4",
"PAN-OS 10.1.10-h3",
"PAN-OS 10.1.10-h2",
"PAN-OS 10.1.10-h1",
"PAN-OS 10.1.10",
"PAN-OS 10.1.9-h14",
"PAN-OS 10.1.9-h13",
"PAN-OS 10.1.9-h12",
"PAN-OS 10.1.9-h11",
"PAN-OS 10.1.9-h10",
"PAN-OS 10.1.9-h9",
"PAN-OS 10.1.9-h8",
"PAN-OS 10.1.9-h7",
"PAN-OS 10.1.9-h6",
"PAN-OS 10.1.9-h5",
"PAN-OS 10.1.9-h4",
"PAN-OS 10.1.9-h3",
"PAN-OS 10.1.9-h2",
"PAN-OS 10.1.9-h1",
"PAN-OS 10.1.9",
"PAN-OS 10.1.8-h8",
"PAN-OS 10.1.8-h7",
"PAN-OS 10.1.8-h6",
"PAN-OS 10.1.8-h5",
"PAN-OS 10.1.8-h4",
"PAN-OS 10.1.8-h3",
"PAN-OS 10.1.8-h2",
"PAN-OS 10.1.8-h1",
"PAN-OS 10.1.8",
"PAN-OS 10.1.7-h1",
"PAN-OS 10.1.7",
"PAN-OS 10.1.6-h9",
"PAN-OS 10.1.6-h8",
"PAN-OS 10.1.6-h7",
"PAN-OS 10.1.6-h6",
"PAN-OS 10.1.6-h5",
"PAN-OS 10.1.6-h4",
"PAN-OS 10.1.6-h3",
"PAN-OS 10.1.6-h2",
"PAN-OS 10.1.6-h1",
"PAN-OS 10.1.6",
"PAN-OS 10.1.5-h4",
"PAN-OS 10.1.5-h3",
"PAN-OS 10.1.5-h2",
"PAN-OS 10.1.5-h1",
"PAN-OS 10.1.5",
"PAN-OS 10.1.4-h6",
"PAN-OS 10.1.4-h5",
"PAN-OS 10.1.4-h4",
"PAN-OS 10.1.4-h3",
"PAN-OS 10.1.4-h2",
"PAN-OS 10.1.4-h1",
"PAN-OS 10.1.4",
"PAN-OS 10.1.3-h4",
"PAN-OS 10.1.3-h3",
"PAN-OS 10.1.3-h2",
"PAN-OS 10.1.3-h1",
"PAN-OS 10.1.3",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0133",
"datePublished": "2025-05-14T18:07:36.381Z",
"dateReserved": "2024-12-20T23:23:33.828Z",
"dateUpdated": "2025-05-14T20:51:15.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0133\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2025-05-14T19:15:51.517\",\"lastModified\":\"2025-05-16T14:43:56.797\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.\\n\\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\\n\\n\\n\\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad cross-site scripting (XSS) reflejado en las funciones de portal y puerta de enlace de GlobalProtect\u2122 del software PAN-OS\u00ae de Palo Alto Networks permite la ejecuci\u00f3n de JavaScript malicioso en el navegador de un usuario autenticado de un portal cautivo al hacer clic en un enlace especialmente manipulado. El principal riesgo son los ataques de phishing que pueden provocar el robo de credenciales, especialmente si se ha habilitado la VPN sin cliente. No se ha visto afectada la disponibilidad de las funciones ni los usuarios de GlobalProtect. Los atacantes no pueden usar esta vulnerabilidad para manipular o modificar el contenido o la configuraci\u00f3n del portal o las puertas de enlace de GlobalProtect. El impacto en la integridad de esta vulnerabilidad se limita a permitir que un atacante cree enlaces de phishing y robo de credenciales que parecen estar alojados en el portal de GlobalProtect. Para los usuarios de GlobalProtect con la VPN sin cliente habilitada, el impacto en la confidencialidad es limitado debido a los riesgos inherentes de la VPN sin cliente que facilitan el robo de credenciales. Puede obtener m\u00e1s informaci\u00f3n sobre este riesgo en el bolet\u00edn informativo PAN-SA-2025-0005 (https://security.paloaltonetworks.com/PAN-SA-2025-0005). La confidencialidad de los usuarios de GlobalProtect no se ve afectada si no habilita (o deshabilita) la VPN sin cliente.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:Amber\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NEGLIGIBLE\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2025-0133\",\"source\":\"psirt@paloaltonetworks.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0133\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-14T20:51:07.672908Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-14T20:51:12.264Z\"}}], \"cna\": {\"title\": \"PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal\", \"source\": {\"defect\": [\"PAN-287002\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"XBOW Security\"}], \"impacts\": [{\"capecId\": \"CAPEC-591\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-591 Reflected XSS\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 5.1, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"Without Clientless VPN\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 6.9, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"With Clientless VPN enabled, there are inherent risks that facilitate credential stealing (enumerated in PAN-SA-2025-0005).\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"11.2.8\", \"status\": \"unaffected\"}], \"version\": \"11.2.0\", \"lessThan\": \"11.2.8\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.1.11\", \"status\": \"unaffected\"}], \"version\": \"11.1.0\", \"lessThan\": \"11.1.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.17\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\u0026nbsp;\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-05-14T16:00:00.000Z\", \"value\": \"Initial Publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"VersionMinor VersionSuggested SolutionPAN-OS 11.211.2.0 through 11.2.7Upgrade to 11.2.8 or later [ETA June 2025]PAN-OS 11.111.1.0 through 11.1.10Upgrade to 11.1.11 or later [ETA July 2025]PAN-OS 10.210.2.0 through 10.2.16Upgrade to 10.2.17 or later [ETA August 2025]PAN-OS 10.110.1.0 through 10.1.14Upgrade to 10.2.17 or later [ETA August 2025]All other older unsupported PAN-OS versions\\n\\nUpgrade to a supported fixed version\\nPAN-OS 10.1 is in\\u00a0 L https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy imited Support https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy \\u00a0and reaches\\u00a0 Software EOL in August 2025 https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary .\\n\\n https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.8 or later [ETA June 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.10\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.11 or later [ETA July 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.16\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.17 or later [ETA August 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.17 or later [ETA August 2025]\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older unsupported PAN-OS versions\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003ePAN-OS 10.1 is in\u0026nbsp;\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\\\"\u003eL\u003c/a\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\\\"\u003eimited Support\u003c/a\u003e\u0026nbsp;and reaches\u0026nbsp;\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary\\\"\u003eSoftware EOL in August 2025\u003c/a\u003e.\u003c/p\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-policy\\\"\u003e\u003c/a\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-05-14T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2025-0133\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510003 and 510004 (introduced in Applications and Threats content version 8970).\\n\\nYou can also disable Clientless VPN. For more information, review the security advisory\\u00a0 PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 .\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510003 and 510004 (introduced in Applications and Threats content version 8970).\u003c/p\u003e\u003cp\u003eYou can also disable Clientless VPN. For more information, review the security advisory\u0026nbsp;\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\\\"\u003ePAN-SA-2025-0005\u003c/a\u003e.\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\\u2122 gateway and portal features of Palo Alto Networks PAN-OS\\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\\u2014particularly if you enabled Clientless VPN.\\n\\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\\n\\n\\n\\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003e\u003c/p\u003e\u003cp\u003eA reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\\u2122 gateway and portal features of Palo Alto Networks PAN-OS\\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\\u2014particularly if you enabled Clientless VPN.\u003c/p\u003e\u003cp\u003eThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\\\"\u003ePAN-SA-2025-0005\u003c/a\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://security.paloaltonetworks.com/PAN-SA-2025-0005\\\"\u003e\u003c/a\u003e. There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect gateway or portal.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect gateway or portal.\", \"base64\": false}]}], \"x_affectedList\": [\"PAN-OS 11.2.6\", \"PAN-OS 11.2.5\", \"PAN-OS 11.2.4-h7\", \"PAN-OS 11.2.4-h6\", \"PAN-OS 11.2.4-h5\", \"PAN-OS 11.2.4-h4\", \"PAN-OS 11.2.4-h3\", \"PAN-OS 11.2.4-h2\", \"PAN-OS 11.2.4-h1\", \"PAN-OS 11.2.4\", \"PAN-OS 11.2.3-h5\", \"PAN-OS 11.2.3-h4\", \"PAN-OS 11.2.3-h3\", \"PAN-OS 11.2.3-h2\", \"PAN-OS 11.2.3-h1\", \"PAN-OS 11.2.3\", \"PAN-OS 11.2.2-h2\", \"PAN-OS 11.2.2-h1\", \"PAN-OS 11.2.1-h1\", \"PAN-OS 11.2.1\", \"PAN-OS 11.2.0-h1\", \"PAN-OS 11.2.0\", \"PAN-OS 11.1.9\", \"PAN-OS 11.1.8\", \"PAN-OS 11.1.6-h7\", \"PAN-OS 11.1.6-h6\", \"PAN-OS 11.1.6-h4\", \"PAN-OS 11.1.6-h3\", \"PAN-OS 11.1.6-h2\", \"PAN-OS 11.1.6-h1\", \"PAN-OS 11.1.6\", \"PAN-OS 11.1.5-h1\", \"PAN-OS 11.1.5\", \"PAN-OS 11.1.4-h18\", \"PAN-OS 11.1.4-h17\", \"PAN-OS 11.1.4-h15\", \"PAN-OS 11.1.4-h13\", \"PAN-OS 11.1.4-h12\", \"PAN-OS 11.1.4-h11\", \"PAN-OS 11.1.4-h10\", \"PAN-OS 11.1.4-h9\", \"PAN-OS 11.1.4-h8\", \"PAN-OS 11.1.4-h7\", \"PAN-OS 11.1.4-h6\", \"PAN-OS 11.1.4-h5\", \"PAN-OS 11.1.4-h4\", \"PAN-OS 11.1.4-h3\", \"PAN-OS 11.1.4-h2\", \"PAN-OS 11.1.4-h1\", \"PAN-OS 11.1.4\", \"PAN-OS 11.1.3-h13\", \"PAN-OS 11.1.3-h12\", \"PAN-OS 11.1.3-h11\", \"PAN-OS 11.1.3-h10\", \"PAN-OS 11.1.3-h9\", \"PAN-OS 11.1.3-h8\", \"PAN-OS 11.1.3-h7\", \"PAN-OS 11.1.3-h6\", \"PAN-OS 11.1.3-h5\", \"PAN-OS 11.1.3-h4\", \"PAN-OS 11.1.3-h3\", \"PAN-OS 11.1.3-h2\", \"PAN-OS 11.1.3-h1\", \"PAN-OS 11.1.3\", \"PAN-OS 11.1.2-h18\", \"PAN-OS 11.1.2-h17\", \"PAN-OS 11.1.2-h16\", \"PAN-OS 11.1.2-h15\", \"PAN-OS 11.1.2-h14\", \"PAN-OS 11.1.2-h13\", \"PAN-OS 11.1.2-h12\", \"PAN-OS 11.1.2-h11\", \"PAN-OS 11.1.2-h10\", \"PAN-OS 11.1.2-h9\", \"PAN-OS 11.1.2-h8\", \"PAN-OS 11.1.2-h7\", \"PAN-OS 11.1.2-h6\", \"PAN-OS 11.1.2-h5\", \"PAN-OS 11.1.2-h4\", \"PAN-OS 11.1.2-h3\", \"PAN-OS 11.1.2-h2\", \"PAN-OS 11.1.2-h1\", \"PAN-OS 11.1.2\", \"PAN-OS 11.1.1-h2\", \"PAN-OS 11.1.1-h1\", \"PAN-OS 11.1.1\", \"PAN-OS 11.1.0-h4\", \"PAN-OS 11.1.0-h3\", \"PAN-OS 11.1.0-h2\", \"PAN-OS 11.1.0-h1\", \"PAN-OS 11.1.0\", \"PAN-OS 10.2.14-h1\", \"PAN-OS 10.2.14\", \"PAN-OS 10.2.13-h7\", \"PAN-OS 10.2.13-h5\", \"PAN-OS 10.2.13-h4\", \"PAN-OS 10.2.13-h3\", \"PAN-OS 10.2.13-h2\", \"PAN-OS 10.2.13-h1\", \"PAN-OS 10.2.13\", \"PAN-OS 10.2.12-h6\", \"PAN-OS 10.2.12-h5\", \"PAN-OS 10.2.12-h4\", \"PAN-OS 10.2.12-h3\", \"PAN-OS 10.2.12-h2\", \"PAN-OS 10.2.12-h1\", \"PAN-OS 10.2.12\", \"PAN-OS 10.2.11-h13\", \"PAN-OS 10.2.11-h12\", \"PAN-OS 10.2.11-h11\", \"PAN-OS 10.2.11-h10\", \"PAN-OS 10.2.11-h9\", \"PAN-OS 10.2.11-h8\", \"PAN-OS 10.2.11-h7\", \"PAN-OS 10.2.11-h6\", \"PAN-OS 10.2.11-h5\", \"PAN-OS 10.2.11-h4\", \"PAN-OS 10.2.11-h3\", \"PAN-OS 10.2.11-h2\", \"PAN-OS 10.2.11-h1\", \"PAN-OS 10.2.11\", \"PAN-OS 10.2.10-h18\", \"PAN-OS 10.2.10-h17\", \"PAN-OS 10.2.10-h14\", \"PAN-OS 10.2.10-h13\", \"PAN-OS 10.2.10-h12\", \"PAN-OS 10.2.10-h11\", \"PAN-OS 10.2.10-h10\", \"PAN-OS 10.2.10-h9\", \"PAN-OS 10.2.10-h8\", \"PAN-OS 10.2.10-h7\", \"PAN-OS 10.2.10-h6\", \"PAN-OS 10.2.10-h5\", \"PAN-OS 10.2.10-h4\", \"PAN-OS 10.2.10-h3\", \"PAN-OS 10.2.10-h2\", \"PAN-OS 10.2.10-h1\", \"PAN-OS 10.2.10\", \"PAN-OS 10.2.9-h21\", \"PAN-OS 10.2.9-h20\", \"PAN-OS 10.2.9-h19\", \"PAN-OS 10.2.9-h18\", \"PAN-OS 10.2.9-h17\", \"PAN-OS 10.2.9-h16\", \"PAN-OS 10.2.9-h15\", \"PAN-OS 10.2.9-h14\", \"PAN-OS 10.2.9-h13\", \"PAN-OS 10.2.9-h12\", \"PAN-OS 10.2.9-h11\", \"PAN-OS 10.2.9-h10\", \"PAN-OS 10.2.9-h9\", \"PAN-OS 10.2.9-h8\", \"PAN-OS 10.2.9-h7\", \"PAN-OS 10.2.9-h6\", \"PAN-OS 10.2.9-h5\", \"PAN-OS 10.2.9-h4\", \"PAN-OS 10.2.9-h3\", \"PAN-OS 10.2.9-h2\", \"PAN-OS 10.2.9-h1\", \"PAN-OS 10.2.9\", \"PAN-OS 10.2.8-h21\", \"PAN-OS 10.2.8-h20\", \"PAN-OS 10.2.8-h19\", \"PAN-OS 10.2.8-h18\", \"PAN-OS 10.2.8-h17\", \"PAN-OS 10.2.8-h16\", \"PAN-OS 10.2.8-h15\", \"PAN-OS 10.2.8-h14\", \"PAN-OS 10.2.8-h13\", \"PAN-OS 10.2.8-h12\", \"PAN-OS 10.2.8-h11\", \"PAN-OS 10.2.8-h10\", \"PAN-OS 10.2.8-h9\", \"PAN-OS 10.2.8-h8\", \"PAN-OS 10.2.8-h7\", \"PAN-OS 10.2.8-h6\", \"PAN-OS 10.2.8-h5\", \"PAN-OS 10.2.8-h4\", \"PAN-OS 10.2.8-h3\", \"PAN-OS 10.2.8-h2\", \"PAN-OS 10.2.8-h1\", \"PAN-OS 10.2.8\", \"PAN-OS 10.2.7-h24\", \"PAN-OS 10.2.7-h23\", \"PAN-OS 10.2.7-h22\", \"PAN-OS 10.2.7-h21\", \"PAN-OS 10.2.7-h20\", \"PAN-OS 10.2.7-h19\", \"PAN-OS 10.2.7-h18\", \"PAN-OS 10.2.7-h17\", \"PAN-OS 10.2.7-h16\", \"PAN-OS 10.2.7-h15\", \"PAN-OS 10.2.7-h14\", \"PAN-OS 10.2.7-h13\", \"PAN-OS 10.2.7-h12\", \"PAN-OS 10.2.7-h11\", \"PAN-OS 10.2.7-h10\", \"PAN-OS 10.2.7-h9\", \"PAN-OS 10.2.7-h8\", \"PAN-OS 10.2.7-h7\", \"PAN-OS 10.2.7-h6\", \"PAN-OS 10.2.7-h5\", \"PAN-OS 10.2.7-h4\", \"PAN-OS 10.2.7-h3\", \"PAN-OS 10.2.7-h2\", \"PAN-OS 10.2.7-h1\", \"PAN-OS 10.2.7\", \"PAN-OS 10.2.6-h6\", \"PAN-OS 10.2.6-h5\", \"PAN-OS 10.2.6-h4\", \"PAN-OS 10.2.6-h3\", \"PAN-OS 10.2.6-h2\", \"PAN-OS 10.2.6-h1\", \"PAN-OS 10.2.6\", \"PAN-OS 10.2.5-h9\", \"PAN-OS 10.2.5-h8\", \"PAN-OS 10.2.5-h7\", \"PAN-OS 10.2.5-h6\", \"PAN-OS 10.2.5-h5\", \"PAN-OS 10.2.5-h4\", \"PAN-OS 10.2.5-h3\", \"PAN-OS 10.2.5-h2\", \"PAN-OS 10.2.5-h1\", \"PAN-OS 10.2.5\", \"PAN-OS 10.2.4-h32\", \"PAN-OS 10.2.4-h31\", \"PAN-OS 10.2.4-h30\", \"PAN-OS 10.2.4-h29\", \"PAN-OS 10.2.4-h28\", \"PAN-OS 10.2.4-h27\", \"PAN-OS 10.2.4-h26\", \"PAN-OS 10.2.4-h25\", \"PAN-OS 10.2.4-h24\", \"PAN-OS 10.2.4-h23\", \"PAN-OS 10.2.4-h22\", \"PAN-OS 10.2.4-h21\", \"PAN-OS 10.2.4-h20\", \"PAN-OS 10.2.4-h19\", \"PAN-OS 10.2.4-h18\", \"PAN-OS 10.2.4-h17\", \"PAN-OS 10.2.4-h16\", \"PAN-OS 10.2.4-h15\", \"PAN-OS 10.2.4-h14\", \"PAN-OS 10.2.4-h13\", \"PAN-OS 10.2.4-h12\", \"PAN-OS 10.2.4-h11\", \"PAN-OS 10.2.4-h10\", \"PAN-OS 10.2.4-h9\", \"PAN-OS 10.2.4-h8\", \"PAN-OS 10.2.4-h7\", \"PAN-OS 10.2.4-h6\", \"PAN-OS 10.2.4-h5\", \"PAN-OS 10.2.4-h4\", \"PAN-OS 10.2.4-h3\", \"PAN-OS 10.2.4-h2\", \"PAN-OS 10.2.4-h1\", \"PAN-OS 10.2.4\", \"PAN-OS 10.2.3-h14\", \"PAN-OS 10.2.3-h13\", \"PAN-OS 10.2.3-h12\", \"PAN-OS 10.2.3-h11\", \"PAN-OS 10.2.3-h10\", \"PAN-OS 10.2.3-h9\", \"PAN-OS 10.2.3-h8\", \"PAN-OS 10.2.3-h7\", \"PAN-OS 10.2.3-h6\", \"PAN-OS 10.2.3-h5\", \"PAN-OS 10.2.3-h4\", \"PAN-OS 10.2.3-h3\", \"PAN-OS 10.2.3-h2\", \"PAN-OS 10.2.3-h1\", \"PAN-OS 10.2.3\", \"PAN-OS 10.2.2-h6\", \"PAN-OS 10.2.2-h5\", \"PAN-OS 10.2.2-h4\", \"PAN-OS 10.2.2-h3\", \"PAN-OS 10.2.2-h2\", \"PAN-OS 10.2.2-h1\", \"PAN-OS 10.2.2\", \"PAN-OS 10.2.1-h3\", \"PAN-OS 10.2.1-h2\", \"PAN-OS 10.2.1-h1\", \"PAN-OS 10.2.1\", \"PAN-OS 10.2.0-h4\", \"PAN-OS 10.2.0-h3\", \"PAN-OS 10.2.0-h2\", \"PAN-OS 10.2.0-h1\", \"PAN-OS 10.2.0\", \"PAN-OS 10.1.14-h14\", \"PAN-OS 10.1.14-h13\", \"PAN-OS 10.1.14-h11\", \"PAN-OS 10.1.14-h10\", \"PAN-OS 10.1.14-h9\", \"PAN-OS 10.1.14-h8\", \"PAN-OS 10.1.14-h7\", \"PAN-OS 10.1.14-h6\", \"PAN-OS 10.1.14-h5\", \"PAN-OS 10.1.14-h4\", \"PAN-OS 10.1.14-h3\", \"PAN-OS 10.1.14-h2\", \"PAN-OS 10.1.14-h1\", \"PAN-OS 10.1.14\", \"PAN-OS 10.1.13-h5\", \"PAN-OS 10.1.13-h4\", \"PAN-OS 10.1.13-h3\", \"PAN-OS 10.1.13-h2\", \"PAN-OS 10.1.13-h1\", \"PAN-OS 10.1.13\", \"PAN-OS 10.1.12-h3\", \"PAN-OS 10.1.12-h2\", \"PAN-OS 10.1.12-h1\", \"PAN-OS 10.1.12\", \"PAN-OS 10.1.11-h10\", \"PAN-OS 10.1.11-h9\", \"PAN-OS 10.1.11-h8\", \"PAN-OS 10.1.11-h7\", \"PAN-OS 10.1.11-h6\", \"PAN-OS 10.1.11-h5\", \"PAN-OS 10.1.11-h4\", \"PAN-OS 10.1.11-h3\", \"PAN-OS 10.1.11-h2\", \"PAN-OS 10.1.11-h1\", \"PAN-OS 10.1.11\", \"PAN-OS 10.1.10-h9\", \"PAN-OS 10.1.10-h8\", \"PAN-OS 10.1.10-h7\", \"PAN-OS 10.1.10-h6\", \"PAN-OS 10.1.10-h5\", \"PAN-OS 10.1.10-h4\", \"PAN-OS 10.1.10-h3\", \"PAN-OS 10.1.10-h2\", \"PAN-OS 10.1.10-h1\", \"PAN-OS 10.1.10\", \"PAN-OS 10.1.9-h14\", \"PAN-OS 10.1.9-h13\", \"PAN-OS 10.1.9-h12\", \"PAN-OS 10.1.9-h11\", \"PAN-OS 10.1.9-h10\", \"PAN-OS 10.1.9-h9\", \"PAN-OS 10.1.9-h8\", \"PAN-OS 10.1.9-h7\", \"PAN-OS 10.1.9-h6\", \"PAN-OS 10.1.9-h5\", \"PAN-OS 10.1.9-h4\", \"PAN-OS 10.1.9-h3\", \"PAN-OS 10.1.9-h2\", \"PAN-OS 10.1.9-h1\", \"PAN-OS 10.1.9\", \"PAN-OS 10.1.8-h8\", \"PAN-OS 10.1.8-h7\", \"PAN-OS 10.1.8-h6\", \"PAN-OS 10.1.8-h5\", \"PAN-OS 10.1.8-h4\", \"PAN-OS 10.1.8-h3\", \"PAN-OS 10.1.8-h2\", \"PAN-OS 10.1.8-h1\", \"PAN-OS 10.1.8\", \"PAN-OS 10.1.7-h1\", \"PAN-OS 10.1.7\", \"PAN-OS 10.1.6-h9\", \"PAN-OS 10.1.6-h8\", \"PAN-OS 10.1.6-h7\", \"PAN-OS 10.1.6-h6\", \"PAN-OS 10.1.6-h5\", \"PAN-OS 10.1.6-h4\", \"PAN-OS 10.1.6-h3\", \"PAN-OS 10.1.6-h2\", \"PAN-OS 10.1.6-h1\", \"PAN-OS 10.1.6\", \"PAN-OS 10.1.5-h4\", \"PAN-OS 10.1.5-h3\", \"PAN-OS 10.1.5-h2\", \"PAN-OS 10.1.5-h1\", \"PAN-OS 10.1.5\", \"PAN-OS 10.1.4-h6\", \"PAN-OS 10.1.4-h5\", \"PAN-OS 10.1.4-h4\", \"PAN-OS 10.1.4-h3\", \"PAN-OS 10.1.4-h2\", \"PAN-OS 10.1.4-h1\", \"PAN-OS 10.1.4\", \"PAN-OS 10.1.3-h4\", \"PAN-OS 10.1.3-h3\", \"PAN-OS 10.1.3-h2\", \"PAN-OS 10.1.3-h1\", \"PAN-OS 10.1.3\", \"PAN-OS 10.1.2\", \"PAN-OS 10.1.1\", \"PAN-OS 10.1.0\"], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-05-14T18:07:36.381Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0133\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-14T20:51:15.284Z\", \"dateReserved\": \"2024-12-20T23:23:33.828Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2025-05-14T18:07:36.381Z\", \"assignerShortName\": \"palo_alto\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ghsa-r93p-9jjr-wjhj
Vulnerability from github
Published
2025-05-14 21:31
Modified
2025-05-14 21:31
Severity ?
VLAI Severity ?
Details
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN.
There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.
For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.
{
"affected": [],
"aliases": [
"CVE-2025-0133"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-14T19:15:51Z",
"severity": "MODERATE"
},
"details": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.\n\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\n\n\n\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.",
"id": "GHSA-r93p-9jjr-wjhj",
"modified": "2025-05-14T21:31:18Z",
"published": "2025-05-14T21:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0133"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2025-0133"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"type": "CVSS_V4"
}
]
}
icsa-25-162-02
Vulnerability from csaf_cisa
Published
2025-06-10 00:00
Modified
2025-10-14 00:00
Summary
Siemens RUGGEDCOM APE1808
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use
This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer
This ICSA is a verbatim republication of Siemens ProductCERT SSA-513708 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-513708 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json"
},
{
"category": "self",
"summary": "SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-513708.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-162-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-162-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-162-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens RUGGEDCOM APE1808",
"tracking": {
"current_release_date": "2025-10-14T00:00:00.000000Z",
"generator": {
"date": "2025-10-16T21:33:18.205051Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-162-02",
"initial_release_date": "2025-06-10T00:00:00.000000Z",
"revision_history": [
{
"date": "2025-06-10T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-07-08T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2025-4229 and CVE-2025-4230"
},
{
"date": "2025-10-14T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2025-4614 and CVE-2025-4615"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0133",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Disable Clientless VPN. For additional mitigation measures, refer to Palo Alto Networks\u0027 Security Advisory",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-0133"
},
{
"cve": "CVE-2025-4229",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0002"
]
}
],
"title": "CVE-2025-4229"
},
{
"cve": "CVE-2025-4230",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2025-4230"
},
{
"cve": "CVE-2025-4614",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "CVE-2025-4614"
},
{
"cve": "CVE-2025-4615",
"cwe": {
"id": "CWE-83",
"name": "Improper Neutralization of Script in Attributes in a Web Page"
},
"notes": [
{
"category": "summary",
"text": "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2025-4615"
}
]
}
ncsc-2025-0187
Vulnerability from csaf_ncscnl
Published
2025-06-10 13:11
Modified
2025-06-10 13:11
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
CWE-332
Insufficient Entropy in PRNG
CWE-940
Improper Verification of Source of a Communication Channel
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-390
Detection of Error Condition Without Action
CWE-826
Premature Release of Resource During Expected Lifetime
CWE-222
Truncation of Security-relevant Information
CWE-310
CWE-310
CWE-273
Improper Check for Dropped Privileges
CWE-364
Signal Handler Race Condition
CWE-911
Improper Update of Reference Count
CWE-131
Incorrect Calculation of Buffer Size
CWE-304
Missing Critical Step in Authentication
CWE-684
Incorrect Provision of Specified Functionality
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-268
Privilege Chaining
CWE-366
Race Condition within a Thread
CWE-150
Improper Neutralization of Escape, Meta, or Control Sequences
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-407
Inefficient Algorithmic Complexity
CWE-371
CWE-371
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-667
Improper Locking
CWE-311
Missing Encryption of Sensitive Data
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-908
Use of Uninitialized Resource
CWE-617
Reachable Assertion
CWE-129
Improper Validation of Array Index
CWE-124
Buffer Underwrite ('Buffer Underflow')
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-345
Insufficient Verification of Data Authenticity
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-290
Authentication Bypass by Spoofing
CWE-99
Improper Control of Resource Identifiers ('Resource Injection')
CWE-665
Improper Initialization
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-73
External Control of File Name or Path
CWE-20
Improper Input Validation
CWE-863
Incorrect Authorization
CWE-276
Incorrect Default Permissions
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
"title": "CWE-395"
},
{
"category": "general",
"text": "Insufficient Entropy in PRNG",
"title": "CWE-332"
},
{
"category": "general",
"text": "Improper Verification of Source of a Communication Channel",
"title": "CWE-940"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Premature Release of Resource During Expected Lifetime",
"title": "CWE-826"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "CWE-310",
"title": "CWE-310"
},
{
"category": "general",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "general",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "Improper Update of Reference Count",
"title": "CWE-911"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "general",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Privilege Chaining",
"title": "CWE-268"
},
{
"category": "general",
"text": "Race Condition within a Thread",
"title": "CWE-366"
},
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences",
"title": "CWE-150"
},
{
"category": "general",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Reachable Assertion",
"title": "CWE-617"
},
{
"category": "general",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "general",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "general",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-082556.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-345750.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-486186.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-513708.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-633269.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693776.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-06-10T13:11:56.672768Z",
"generator": {
"date": "2025-06-05T14:45:00Z",
"engine": {
"name": "V.A.",
"version": "1.1"
}
},
"id": "NCSC-2025-0187",
"initial_release_date": "2025-06-10T13:11:56.672768Z",
"revision_history": [
{
"date": "2025-06-10T13:11:56.672768Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1211853"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/3.1.0",
"product": {
"name": "vers:siemens/3.1.0",
"product_id": "CSAFPID-1195553"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/1.0",
"product": {
"name": "vers:unknown/1.0",
"product_id": "CSAFPID-1211202"
}
}
],
"category": "product_name",
"name": "Simatic S7-1500 Tm Mfp Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/7.4.3",
"product": {
"name": "vers:siemens/7.4.3",
"product_id": "CSAFPID-2849543"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1756091"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-2619544"
}
}
],
"category": "product_name",
"name": "Ruggedcom Ape1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/3.0.0",
"product": {
"name": "vers:siemens/3.0.0",
"product_id": "CSAFPID-2082475"
}
}
],
"category": "product_name",
"name": "Scalance W700 Ieee 802.11Ax Firmware"
}
],
"category": "product_family",
"name": "Siemens"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266669"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266670"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266671"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266672"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-2460438"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.3.0",
"product": {
"name": "vers:unknown/\u003cv1.3.0",
"product_id": "CSAFPID-1270701"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP - BIOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.1",
"product": {
"name": "vers:unknown/\u003cv1.1",
"product_id": "CSAFPID-1270700"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266673"
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-1272525"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-126262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "ruggedcom_ape1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-2905706"
}
}
],
"category": "product_name",
"name": "Energy Services"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv2404.0013",
"product": {
"name": "vers:all/\u003cv2404.0013",
"product_id": "CSAFPID-2905742"
}
}
],
"category": "product_name",
"name": "Tecnomatix Plant Simulation V2404"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905748"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905793"
}
}
],
"category": "product_name",
"name": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905749"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905794"
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905750"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905795"
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905751"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905796"
}
}
],
"category": "product_name",
"name": "SCALANCE XC332 (6GK5332-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905752"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905797"
}
}
],
"category": "product_name",
"name": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905753"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905798"
}
}
],
"category": "product_name",
"name": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905754"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905799"
}
}
],
"category": "product_name",
"name": "SCALANCE XC432 (6GK5432-0GR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905755"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905800"
}
}
],
"category": "product_name",
"name": "SCALANCE XCH328 (6GK5328-4TS01-2EC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905756"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905801"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM324 (6GK5324-8TS01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905757"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905802"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM328 (6GK5328-4TS01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905758"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905803"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM332 (6GK5332-0GA01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905759"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905804"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905760"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905805"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905761"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905806"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905762"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905807"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905763"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905808"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905764"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905809"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905765"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905810"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905766"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905811"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905767"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905812"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905768"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905813"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905769"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905814"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905770"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905815"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905771"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905816"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905772"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905817"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905773"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905818"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905774"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905819"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905775"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905820"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905776"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905821"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905777"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905822"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905778"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905823"
}
}
],
"category": "product_name",
"name": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905786"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905831"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905785"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905830"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905787"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905832"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905783"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905828"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905782"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905827"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905784"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905829"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905780"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905825"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905779"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905824"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905781"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905826"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41617 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-41617.json"
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-4527",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4527 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4527.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4527"
},
{
"cve": "CVE-2023-4806",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4806 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4806.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4806"
},
{
"cve": "CVE-2023-4911",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4911 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4911.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4911"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"notes": [
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5363 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-5363.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-6246",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6246 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6246.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6246"
},
{
"cve": "CVE-2023-6779",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6779 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6779.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6779"
},
{
"cve": "CVE-2023-6780",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6780 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6780.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6780"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28531 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-28531.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38545 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38545.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38546 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38546.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46218 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46218.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46219 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "other",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51384 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51385 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51385.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52927 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-52927.json"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6387 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6387.json"
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-12243",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12243 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12243.json"
}
],
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-24855",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24855 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-24855.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-26596",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26596 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-26596.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-28085",
"cwe": {
"id": "CWE-268",
"name": "Privilege Chaining"
},
"notes": [
{
"category": "other",
"text": "Privilege Chaining",
"title": "CWE-268"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences",
"title": "CWE-150"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28085 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28085.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33599 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33599.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33600 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33600.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "other",
"text": "Reachable Assertion",
"title": "CWE-617"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33601 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33601.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33602 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Source of a Communication Channel",
"title": "CWE-940"
},
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34397 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-34397.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-41797",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41797 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-41797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-41797"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50246",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50246 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50246.json"
}
],
"title": "CVE-2024-50246"
},
{
"cve": "CVE-2024-53166",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53166 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-53166.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-53166"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57977 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57977.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57996 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57996.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-58005 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-58005.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2025-0133",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-0133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-0133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-0133"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4373 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4373.json"
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4598 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4598.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-4598"
},
{
"cve": "CVE-2025-21701",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21701 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21701.json"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21702 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21702.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21712",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21712 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21712.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21724",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21724 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21728 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21728.json"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "other",
"text": "Improper Update of Reference Count",
"title": "CWE-911"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21745 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21745.json"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21756 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21756.json"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21758 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21758.json"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21765 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21765.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21766 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21766.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"cwe": {
"id": "CWE-332",
"name": "Insufficient Entropy in PRNG"
},
"notes": [
{
"category": "other",
"text": "Insufficient Entropy in PRNG",
"title": "CWE-332"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21767 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21767.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-371",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21795.json"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21796 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21796.json"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21848",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
"title": "CWE-395"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21848 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21848.json"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "other",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21862 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21862.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-371",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21864 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21864.json"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21865 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21865.json"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-310",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-310",
"title": "CWE-310"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26465 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-26465.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-31115",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "other",
"text": "Race Condition within a Thread",
"title": "CWE-366"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Premature Release of Resource During Expected Lifetime",
"title": "CWE-826"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-32454",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32454 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-32454"
},
{
"cve": "CVE-2025-40567",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40567 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40567.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40567"
},
{
"cve": "CVE-2025-40568",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40568 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40568.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40568"
},
{
"cve": "CVE-2025-40569",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40569 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40569.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40569"
},
{
"cve": "CVE-2025-40585",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40585 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40585"
},
{
"cve": "CVE-2025-46836",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-46836 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-46836.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-46836"
}
]
}
CERTFR-2025-AVI-0410
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les versions correctives pour la vulnérabilité CVE-2025-0133 sont prévus pour juin (PAN-OS 11.2.8), juillet (PAN-OS 11.1.11) et août 2025 (PAN-OS 10.2.17)
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions antérieures à 6.0.0 sans les derniers correctifs de sécurité | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.5 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions antérieures à 6.1.0 sans les derniers correctifs de sécurité | ||
| Palo Alto Networks | N/A | MetaDefender Endpoint Security versions antérieures à 4.3.4451 sur Windows | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions antérieures à 10.1.14-h14 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.2.x antérieures à 10.2.13 | ||
| Palo Alto Networks | Prisma Cloud Compute | Prisma Cloud Compute Edition versions antérieures à 34.00.141 | ||
| Palo Alto Networks | Prisma Access | Prisma Access Browser versions antérieures à 136.11.9.93 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.0.x antérieures à 11.0.7 | ||
| Palo Alto Networks | Cortex XDR Broker | Cortex XDR Broker VM versions antérieures à 26.0.119 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.8 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.2.x antérieures à 6.2.8 sur macOS | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.3.x antérieures à 6.3.3 sur macOS |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.5",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.1.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "MetaDefender Endpoint Security versions ant\u00e9rieures \u00e0 4.3.4451 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions ant\u00e9rieures \u00e0 10.1.14-h14",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.13",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Cloud Compute Edition versions ant\u00e9rieures \u00e0 34.00.141",
"product": {
"name": "Prisma Cloud Compute",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 136.11.9.93",
"product": {
"name": "Prisma Access",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.7",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Broker VM versions ant\u00e9rieures \u00e0 26.0.119",
"product": {
"name": "Cortex XDR Broker",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.8",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8 sur macOS",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3 sur macOS",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "Les versions correctives pour la vuln\u00e9rabilit\u00e9 CVE-2025-0133 sont pr\u00e9vus pour juin (PAN-OS 11.2.8), juillet (PAN-OS 11.1.11) et ao\u00fbt 2025 (PAN-OS 10.2.17)",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-0135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0135"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2025-0134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0134"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0138"
},
{
"name": "CVE-2025-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0131"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2025-0137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0137"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2025-0130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0130"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2025-0133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0133"
},
{
"name": "CVE-2025-0132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0132"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-0136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0136"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2025-3069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3069"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2025-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3070"
}
],
"initial_release_date": "2025-05-15T00:00:00",
"last_revision_date": "2025-05-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0410",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0138",
"url": "https://security.paloaltonetworks.com/CVE-2025-0138"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0133",
"url": "https://security.paloaltonetworks.com/CVE-2025-0133"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0134",
"url": "https://security.paloaltonetworks.com/CVE-2025-0134"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0131",
"url": "https://security.paloaltonetworks.com/CVE-2025-0131"
},
{
"published_at": "2025-06-06",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0135",
"url": "https://security.paloaltonetworks.com/CVE-2025-0135"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0137",
"url": "https://security.paloaltonetworks.com/CVE-2025-0137"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0132",
"url": "https://security.paloaltonetworks.com/CVE-2025-0132"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0009",
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0009"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0136",
"url": "https://security.paloaltonetworks.com/CVE-2025-0136"
},
{
"published_at": "2025-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0130",
"url": "https://security.paloaltonetworks.com/CVE-2025-0130"
}
]
}
fkie_cve-2025-0133
Vulnerability from fkie_nvd
Published
2025-05-14 19:15
Modified
2025-05-16 14:43
Severity ?
Summary
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN.
There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.
For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.\n\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\n\n\n\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN."
},
{
"lang": "es",
"value": "Una vulnerabilidad cross-site scripting (XSS) reflejado en las funciones de portal y puerta de enlace de GlobalProtect\u2122 del software PAN-OS\u00ae de Palo Alto Networks permite la ejecuci\u00f3n de JavaScript malicioso en el navegador de un usuario autenticado de un portal cautivo al hacer clic en un enlace especialmente manipulado. El principal riesgo son los ataques de phishing que pueden provocar el robo de credenciales, especialmente si se ha habilitado la VPN sin cliente. No se ha visto afectada la disponibilidad de las funciones ni los usuarios de GlobalProtect. Los atacantes no pueden usar esta vulnerabilidad para manipular o modificar el contenido o la configuraci\u00f3n del portal o las puertas de enlace de GlobalProtect. El impacto en la integridad de esta vulnerabilidad se limita a permitir que un atacante cree enlaces de phishing y robo de credenciales que parecen estar alojados en el portal de GlobalProtect. Para los usuarios de GlobalProtect con la VPN sin cliente habilitada, el impacto en la confidencialidad es limitado debido a los riesgos inherentes de la VPN sin cliente que facilitan el robo de credenciales. Puede obtener m\u00e1s informaci\u00f3n sobre este riesgo en el bolet\u00edn informativo PAN-SA-2025-0005 (https://security.paloaltonetworks.com/PAN-SA-2025-0005). La confidencialidad de los usuarios de GlobalProtect no se ve afectada si no habilita (o deshabilita) la VPN sin cliente."
}
],
"id": "CVE-2025-0133",
"lastModified": "2025-05-16T14:43:56.797",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2025-05-14T19:15:51.517",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"url": "https://security.paloaltonetworks.com/CVE-2025-0133"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
}
ssa-513708
Vulnerability from csaf_siemens
Published
2025-06-10 00:00
Modified
2025-10-14 00:00
Summary
SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-513708.html"
},
{
"category": "self",
"summary": "SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json"
}
],
"title": "SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices",
"tracking": {
"current_release_date": "2025-10-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-513708",
"initial_release_date": "2025-06-10T00:00:00Z",
"revision_history": [
{
"date": "2025-06-10T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-07-08T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2025-4229 and CVE-2025-4230"
},
{
"date": "2025-10-14T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2025-4614 and CVE-2025-4615"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "2"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "3"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0133",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect\u2122 gateway and portal features of Palo Alto Networks PAN-OS\u00ae software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user\u0027s browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft\u2014particularly if you enabled Clientless VPN.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Disable Clientless VPN. For additional mitigation measures, refer to Palo Alto Networks\u0027 Security Advisory",
"product_ids": [
"1"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-0133"
},
{
"cve": "CVE-2025-4229",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"2"
]
}
],
"title": "CVE-2025-4229"
},
{
"cve": "CVE-2025-4230",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"3"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"3"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"3"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"3"
]
}
],
"title": "CVE-2025-4230"
},
{
"cve": "CVE-2025-4614",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"4"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"4"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"4"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"4"
]
}
],
"title": "CVE-2025-4614"
},
{
"cve": "CVE-2025-4615",
"cwe": {
"id": "CWE-83",
"name": "Improper Neutralization of Script in Attributes in a Web Page"
},
"notes": [
{
"category": "summary",
"text": "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"3"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict CLI access to a limited group of administrators",
"product_ids": [
"3"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"3"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"3"
]
}
],
"title": "CVE-2025-4615"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…