github
diff --git a/‎advisories/unreviewed/2024/04/GHSA-6vwq-6fjp-322j/GHSA-6vwq-6fjp-322j.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2024/04/GHSA-6vwq-6fjp-322j/GHSA-6vwq-6fjp-322j.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2024/04/GHSA-c4qr-mpj2-hxhr/GHSA-c4qr-mpj2-hxhr.json‎
Lines changed: 5 additions & 1 deletion b/‎advisories/unreviewed/2024/04/GHSA-c4qr-mpj2-hxhr/GHSA-c4qr-mpj2-hxhr.json‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎advisories/unreviewed/2024/04/GHSA-w24g-q24f-q94h/GHSA-w24g-q24f-q94h.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2024/04/GHSA-w24g-q24f-q94h/GHSA-w24g-q24f-q94h.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2024/05/GHSA-3p2h-8x46-gvg6/GHSA-3p2h-8x46-gvg6.json‎
Lines changed: 15 additions & 4 deletions b/‎advisories/unreviewed/2024/05/GHSA-3p2h-8x46-gvg6/GHSA-3p2h-8x46-gvg6.json‎
Lines changed: 15 additions & 4 deletions
diff --git a/‎advisories/unreviewed/2024/05/GHSA-45cm-4v3w-5jpw/GHSA-45cm-4v3w-5jpw.json‎
Lines changed: 11 additions & 4 deletions b/‎advisories/unreviewed/2024/05/GHSA-45cm-4v3w-5jpw/GHSA-45cm-4v3w-5jpw.json‎
Lines changed: 11 additions & 4 deletions
diff --git a/‎advisories/unreviewed/2024/05/GHSA-vvqv-hjv4-6q76/GHSA-vvqv-hjv4-6q76.json‎
Lines changed: 11 additions & 4 deletions b/‎advisories/unreviewed/2024/05/GHSA-vvqv-hjv4-6q76/GHSA-vvqv-hjv4-6q76.json‎
Lines changed: 11 additions & 4 deletions
diff --git a/‎advisories/unreviewed/2024/05/GHSA-wjqf-4c62-v6g5/GHSA-wjqf-4c62-v6g5.json‎
Lines changed: 8 additions & 3 deletions b/‎advisories/unreviewed/2024/05/GHSA-wjqf-4c62-v6g5/GHSA-wjqf-4c62-v6g5.json‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎advisories/unreviewed/2024/05/GHSA-wmmp-mchh-75gf/GHSA-wmmp-mchh-75gf.json‎
Lines changed: 8 additions & 3 deletions b/‎advisories/unreviewed/2024/05/GHSA-wmmp-mchh-75gf/GHSA-wmmp-mchh-75gf.json‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎advisories/unreviewed/2024/11/GHSA-vw9p-qc5q-j6rw/GHSA-vw9p-qc5q-j6rw.json‎
Lines changed: 5 additions & 1 deletion b/‎advisories/unreviewed/2024/11/GHSA-vw9p-qc5q-j6rw/GHSA-vw9p-qc5q-j6rw.json‎
Lines changed: 5 additions & 1 deletion
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6vwq-6fjp-322j",
-  "modified": "2024-04-24T09:30:32Z",
+  "modified": "2026-01-22T21:33:37Z",
   "published": "2024-04-24T09:30:32Z",
   "aliases": [
     "CVE-2024-32706"
   ],
-  "details": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4.\n\n",
+  "details": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c4qr-mpj2-hxhr",
-  "modified": "2025-04-08T18:34:11Z",
+  "modified": "2026-01-22T21:33:37Z",
   "published": "2024-04-12T15:37:21Z",
   "aliases": [
     "CVE-2023-51409"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51409"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2023-51409"
+    },
     {
       "type": "WEB",
       "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-1-9-98-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve"
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-w24g-q24f-q94h",
-  "modified": "2024-04-24T12:30:42Z",
+  "modified": "2026-01-22T21:33:37Z",
   "published": "2024-04-24T12:30:42Z",
   "aliases": [
     "CVE-2024-32702"
   ],
-  "details": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute info systems ARForms allows Reflected XSS.This issue affects ARForms: from n/a through 6.4.\n\n",
+  "details": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute info systems ARForms allows Reflected XSS.This issue affects ARForms: from n/a through 6.4.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3p2h-8x46-gvg6",
-  "modified": "2024-06-27T15:30:38Z",
+  "modified": "2026-01-22T21:33:38Z",
   "published": "2024-05-14T15:32:53Z",
   "aliases": [
     "CVE-2024-27399"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan->conn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[  472.074580] ==================================================================\n[  472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[  472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[  472.075308]\n[  472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[  472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[  472.075308] Workqueue: events l2cap_chan_timeout\n[  472.075308] Call Trace:\n[  472.075308]  <TASK>\n[  472.075308]  dump_stack_lvl+0x137/0x1a0\n[  472.075308]  print_report+0x101/0x250\n[  472.075308]  ? __virt_addr_valid+0x77/0x160\n[  472.075308]  ? mutex_lock+0x68/0xc0\n[  472.075308]  kasan_report+0x139/0x170\n[  472.075308]  ? mutex_lock+0x68/0xc0\n[  472.075308]  kasan_check_range+0x2c3/0x2e0\n[  472.075308]  mutex_lock+0x68/0xc0\n[  472.075308]  l2cap_chan_timeout+0x181/0x300\n[  472.075308]  process_one_work+0x5d2/0xe00\n[  472.075308]  worker_thread+0xe1d/0x1660\n[  472.075308]  ? pr_cont_work+0x5e0/0x5e0\n[  472.075308]  kthread+0x2b7/0x350\n[  472.075308]  ? pr_cont_work+0x5e0/0x5e0\n[  472.075308]  ? kthread_blkcg+0xd0/0xd0\n[  472.075308]  ret_from_fork+0x4d/0x80\n[  472.075308]  ? kthread_blkcg+0xd0/0xd0\n[  472.075308]  ret_from_fork_asm+0x11/0x20\n[  472.075308]  </TASK>\n[  472.075308] ==================================================================\n[  472.094860] Disabling lock debugging due to kernel taint\n[  472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[  472.096136] #PF: supervisor write access in kernel mode\n[  472.096136] #PF: error_code(0x0002) - not-present page\n[  472.096136] PGD 0 P4D 0\n[  472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[  472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G    B              6.9.0-rc5-00356-g78c0094a146b #36\n[  472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[  472.096136] Workqueue: events l2cap_chan_timeout\n[  472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[  472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[  472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[  472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[  472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[  472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[  472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[  472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[  472.096136] FS:  0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[  472.096136] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[  472.096136] Call Trace:\n[  472.096136]  <TASK>\n[  472.096136]  ? __die_body+0x8d/0xe0\n[  472.096136]  ? page_fault_oops+0x6b8/0x9a0\n[  472.096136]  ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[  472.096136]  ? do_user_addr_fault+0x1027/0x1340\n[  472.096136]  ? _printk+0x7a/0xa0\n[  472.096136]  ? mutex_lock+0x68/0xc0\n[  472.096136]  ? add_taint+0x42/0xd0\n[  472.096136]  ? exc_page_fault+0x6a/0x1b0\n[  472.096136]  ? asm_exc_page_fault+0x26/0x30\n[  472.096136]  ? mutex_lock+0x75/0xc0\n[  472.096136]  ? mutex_lock+0x88/0xc0\n[  472.096136]  ? mutex_lock+0x75/0xc0\n[  472.096136]  l2cap_chan_timeo\n---truncated---",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -61,11 +66,17 @@
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20240926-0001"
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-476"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-05-14T15:12:28Z"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-45cm-4v3w-5jpw",
-  "modified": "2024-11-30T09:30:46Z",
+  "modified": "2026-01-22T21:33:38Z",
   "published": "2024-05-14T15:32:53Z",
   "aliases": [
     "CVE-2024-27398"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n    Cleanup Thread               |      Worker Thread\nsco_sock_release                 |\n  sco_sock_close                 |\n    __sco_sock_close             |\n      sco_sock_set_timer         |\n        schedule_delayed_work    |\n  sco_sock_kill                  |    (wait a time)\n    sock_put(sk) //FREE          |  sco_sock_timeout\n                                 |    sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[   95.890016] ==================================================================\n[   95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[   95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[   95.890755] Workqueue: events sco_sock_timeout\n[   95.890755] Call Trace:\n[   95.890755]  <TASK>\n[   95.890755]  dump_stack_lvl+0x45/0x110\n[   95.890755]  print_address_description+0x78/0x390\n[   95.890755]  print_report+0x11b/0x250\n[   95.890755]  ? __virt_addr_valid+0xbe/0xf0\n[   95.890755]  ? sco_sock_timeout+0x5e/0x1c0\n[   95.890755]  kasan_report+0x139/0x170\n[   95.890755]  ? update_load_avg+0xe5/0x9f0\n[   95.890755]  ? sco_sock_timeout+0x5e/0x1c0\n[   95.890755]  kasan_check_range+0x2c3/0x2e0\n[   95.890755]  sco_sock_timeout+0x5e/0x1c0\n[   95.890755]  process_one_work+0x561/0xc50\n[   95.890755]  worker_thread+0xab2/0x13c0\n[   95.890755]  ? pr_cont_work+0x490/0x490\n[   95.890755]  kthread+0x279/0x300\n[   95.890755]  ? pr_cont_work+0x490/0x490\n[   95.890755]  ? kthread_blkcg+0xa0/0xa0\n[   95.890755]  ret_from_fork+0x34/0x60\n[   95.890755]  ? kthread_blkcg+0xa0/0xa0\n[   95.890755]  ret_from_fork_asm+0x11/0x20\n[   95.890755]  </TASK>\n[   95.890755]\n[   95.890755] Allocated by task 506:\n[   95.890755]  kasan_save_track+0x3f/0x70\n[   95.890755]  __kasan_kmalloc+0x86/0x90\n[   95.890755]  __kmalloc+0x17f/0x360\n[   95.890755]  sk_prot_alloc+0xe1/0x1a0\n[   95.890755]  sk_alloc+0x31/0x4e0\n[   95.890755]  bt_sock_alloc+0x2b/0x2a0\n[   95.890755]  sco_sock_create+0xad/0x320\n[   95.890755]  bt_sock_create+0x145/0x320\n[   95.890755]  __sock_create+0x2e1/0x650\n[   95.890755]  __sys_socket+0xd0/0x280\n[   95.890755]  __x64_sys_socket+0x75/0x80\n[   95.890755]  do_syscall_64+0xc4/0x1b0\n[   95.890755]  entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[   95.890755]\n[   95.890755] Freed by task 506:\n[   95.890755]  kasan_save_track+0x3f/0x70\n[   95.890755]  kasan_save_free_info+0x40/0x50\n[   95.890755]  poison_slab_object+0x118/0x180\n[   95.890755]  __kasan_slab_free+0x12/0x30\n[   95.890755]  kfree+0xb2/0x240\n[   95.890755]  __sk_destruct+0x317/0x410\n[   95.890755]  sco_sock_release+0x232/0x280\n[   95.890755]  sock_close+0xb2/0x210\n[   95.890755]  __fput+0x37f/0x770\n[   95.890755]  task_work_run+0x1ae/0x210\n[   95.890755]  get_signal+0xe17/0xf70\n[   95.890755]  arch_do_signal_or_restart+0x3f/0x520\n[   95.890755]  syscall_exit_to_user_mode+0x55/0x120\n[   95.890755]  do_syscall_64+0xd1/0x1b0\n[   95.890755]  entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[   95.890755]\n[   95.890755] The buggy address belongs to the object at ffff88800c388000\n[   95.890755]  which belongs to the cache kmalloc-1k of size 1024\n[   95.890755] The buggy address is located 128 bytes inside of\n[   95.890755]  freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[   95.890755]\n[   95.890755] The buggy address belongs to the physical page:\n[   95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[   95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[   95.890755] ano\n---truncated---",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -80,8 +85,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-05-14T15:12:28Z"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vvqv-hjv4-6q76",
-  "modified": "2024-06-26T00:31:42Z",
+  "modified": "2026-01-22T21:33:38Z",
   "published": "2024-05-17T15:31:08Z",
   "aliases": [
     "CVE-2024-35785"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix kernel panic caused by incorrect error handling\n\nThe error path while failing to register devices on the TEE bus has a\nbug leading to kernel panic as follows:\n\n[   15.398930] Unable to handle kernel paging request at virtual address ffff07ed00626d7c\n[   15.406913] Mem abort info:\n[   15.409722]   ESR = 0x0000000096000005\n[   15.413490]   EC = 0x25: DABT (current EL), IL = 32 bits\n[   15.418814]   SET = 0, FnV = 0\n[   15.421878]   EA = 0, S1PTW = 0\n[   15.425031]   FSC = 0x05: level 1 translation fault\n[   15.429922] Data abort info:\n[   15.432813]   ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[   15.438310]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[   15.443372]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[   15.448697] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000d9e3e000\n[   15.455413] [ffff07ed00626d7c] pgd=1800000bffdf9003, p4d=1800000bffdf9003, pud=0000000000000000\n[   15.464146] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n\nCommit 7269cba53d90 (\"tee: optee: Fix supplicant based device enumeration\")\nlead to the introduction of this bug. So fix it appropriately.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -44,8 +49,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-754"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-05-17T13:15:58Z"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wjqf-4c62-v6g5",
-  "modified": "2024-06-26T00:31:43Z",
+  "modified": "2026-01-22T21:33:38Z",
   "published": "2024-05-19T09:34:46Z",
   "aliases": [
     "CVE-2024-35871"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: process: Fix kernel gp leakage\n\nchildregs represents the registers which are active for the new thread\nin user context. For a kernel thread, childregs->gp is never used since\nthe kernel gp is not touched by switch_to. For a user mode helper, the\ngp value can be observed in user space after execve or possibly by other\nmeans.\n\n[From the email thread]\n\nThe /* Kernel thread */ comment is somewhat inaccurate in that it is also used\nfor user_mode_helper threads, which exec a user process, e.g. /sbin/init or\nwhen /proc/sys/kernel/core_pattern is a pipe. Such threads do not have\nPF_KTHREAD set and are valid targets for ptrace etc. even before they exec.\n\nchildregs is the *user* context during syscall execution and it is observable\nfrom userspace in at least five ways:\n\n1. kernel_execve does not currently clear integer registers, so the starting\n   register state for PID 1 and other user processes started by the kernel has\n   sp = user stack, gp = kernel __global_pointer$, all other integer registers\n   zeroed by the memset in the patch comment.\n\n   This is a bug in its own right, but I'm unwilling to bet that it is the only\n   way to exploit the issue addressed by this patch.\n\n2. ptrace(PTRACE_GETREGSET): you can PTRACE_ATTACH to a user_mode_helper thread\n   before it execs, but ptrace requires SIGSTOP to be delivered which can only\n   happen at user/kernel boundaries.\n\n3. /proc/*/task/*/syscall: this is perfectly happy to read pt_regs for\n   user_mode_helpers before the exec completes, but gp is not one of the\n   registers it returns.\n\n4. PERF_SAMPLE_REGS_USER: LOCKDOWN_PERF normally prevents access to kernel\n   addresses via PERF_SAMPLE_REGS_INTR, but due to this bug kernel addresses\n   are also exposed via PERF_SAMPLE_REGS_USER which is permitted under\n   LOCKDOWN_PERF. I have not attempted to write exploit code.\n\n5. Much of the tracing infrastructure allows access to user registers. I have\n   not attempted to determine which forms of tracing allow access to user\n   registers without already allowing access to kernel registers.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -45,7 +50,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-05-19T09:15:08Z"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wmmp-mchh-75gf",
-  "modified": "2024-06-27T15:30:38Z",
+  "modified": "2026-01-22T21:33:38Z",
   "published": "2024-05-14T15:32:53Z",
   "aliases": [
     "CVE-2024-27401"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -65,7 +70,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-05-14T15:12:29Z"
 
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vw9p-qc5q-j6rw",
-  "modified": "2024-11-11T06:30:34Z",
+  "modified": "2026-01-22T21:33:39Z",
   "published": "2024-11-11T06:30:34Z",
   "aliases": [
     "CVE-2024-51793"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51793"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51793"
+    },
     {
       "type": "WEB",
       "url": "https://patchstack.com/database/vulnerability/computer-repair-shop/wordpress-repairbuddy-plugin-3-8115-arbitrary-file-upload-vulnerability?_s_id=cve"