admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-12 11:00:31 +00:00
parent 906b06aa89
commit 02dd9f4f96
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
57 changed files with 2188 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
2023/25xxx/CVE-2023-25030.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25030",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Buy Me a Coffee",
"product": {
"product_data": [
{
"product_name": "Buy Me a Coffee",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "3.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/buymeacoffee/wordpress-buy-me-a-coffee-plugin-3-7-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/buymeacoffee/wordpress-buy-me-a-coffee-plugin-3-7-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.8 or a higher version."
}
],
"value": "Update to 3.8 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

85
2023/38xxx/CVE-2023-38395.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38395",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through 1.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Afzal Multani",
"product": {
"product_data": [
{
"product_name": "WP Clone Menu",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/clone-menu/wordpress-wp-clone-menu-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/clone-menu/wordpress-wp-clone-menu-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
]
}

85
2023/40xxx/CVE-2023-40209.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40209",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through 6.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Himalaya Saxena",
"product": {
"product_data": [
{
"product_name": "Highcompress Image Compressor",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "6.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/high-compress/wordpress-highcompress-image-compressor-plugin-4-0-0-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/high-compress/wordpress-highcompress-image-compressor-plugin-4-0-0-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

85
2023/40xxx/CVE-2023-40603.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40603",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Gangesh Matta Simple Org Chart.This issue affects Simple Org Chart: from n/a through 2.3.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Gangesh Matta",
"product": {
"product_data": [
{
"product_name": "Simple Org Chart",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "2.3.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/simple-org-chart/wordpress-simple-org-chart-plugin-2-3-4-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/simple-org-chart/wordpress-simple-org-chart-plugin-2-3-4-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

85
2023/40xxx/CVE-2023-40672.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40672",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through 2.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hardik Chavada",
"product": {
"product_data": [
{
"product_name": "Sticky Social Media Icons",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/sticky-social-media-icons/wordpress-sticky-social-media-icons-plugin-1-4-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/sticky-social-media-icons/wordpress-sticky-social-media-icons-plugin-1-4-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Nguyen Xuan Chien (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
]
}

85
2023/41xxx/CVE-2023-41240.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41240",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through 2.0.3.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vark",
"product": {
"product_data": [
{
"product_name": "Pricing Deals for WooCommerce",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "2.0.3.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/pricing-deals-for-woocommerce/wordpress-pricing-deals-for-woocommercepricing-deals-for-woocommerce-plugin-2-0-3-2-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/pricing-deals-for-woocommerce/wordpress-pricing-deals-for-woocommercepricing-deals-for-woocommerce-plugin-2-0-3-2-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "thiennv (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

10
2023/42xxx/CVE-2023-42883.json
View File

@ -132,6 +132,16 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214041"
},
{
"url": "https://support.apple.com/kb/HT214034",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214034"
},
{
"url": "https://support.apple.com/kb/HT214039",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214039"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/9",
"refsource": "MISC",

5
2023/42xxx/CVE-2023-42890.json
View File

@ -127,6 +127,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214041"
},
{
"url": "https://support.apple.com/kb/HT214039",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214039"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/9",
"refsource": "MISC",

10
2023/42xxx/CVE-2023-42916.json
View File

@ -93,6 +93,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214031"
},
{
"url": "https://support.apple.com/kb/HT214033",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214033"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/05/1",
"refsource": "MISC",
@ -108,6 +113,11 @@
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/"
},
{
"url": "https://support.apple.com/kb/HT214034",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214034"
},
{
"url": "https://www.debian.org/security/2023/dsa-5575",
"refsource": "MISC",

10
2023/42xxx/CVE-2023-42917.json
View File

@ -93,6 +93,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214031"
},
{
"url": "https://support.apple.com/kb/HT214033",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214033"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/05/1",
"refsource": "MISC",
@ -108,6 +113,11 @@
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/"
},
{
"url": "https://support.apple.com/kb/HT214034",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214034"
},
{
"url": "https://www.debian.org/security/2023/dsa-5575",
"refsource": "MISC",

5
2023/42xxx/CVE-2023-42950.json
View File

@ -127,6 +127,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214041"
},
{
"url": "https://support.apple.com/kb/HT214039",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214039"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/1",
"refsource": "MISC",

5
2023/42xxx/CVE-2023-42956.json
View File

@ -93,6 +93,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT214036"
},
{
"url": "https://support.apple.com/kb/HT214039",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214039"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/1",
"refsource": "MISC",

85
2023/44xxx/CVE-2023-44234.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-44234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Bastianon Massimo",
"product": {
"product_data": [
{
"product_name": "WP GPX Map",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.7.08"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/wp-gpx-maps/wordpress-wp-gpx-maps-plugin-1-7-05-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/wp-gpx-maps/wordpress-wp-gpx-maps-plugin-1-7-05-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

85
2023/47xxx/CVE-2023-47828.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47828",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Mandrill wpMandrill.This issue affects wpMandrill: from n/a through 1.33."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mandrill",
"product": {
"product_data": [
{
"product_name": "wpMandrill",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.33"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/wpmandrill/wordpress-wpmandrill-plugin-1-33-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/wpmandrill/wordpress-wpmandrill-plugin-1-33-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

85
2023/47xxx/CVE-2023-47845.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Lim Kai Yang",
"product": {
"product_data": [
{
"product_name": "Grab & Save",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.0.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/save-grab/wordpress-grab-save-plugin-1-0-4-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/save-grab/wordpress-grab-save-plugin-1-0-4-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Dimas Maulana (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

85
2023/48xxx/CVE-2023-48280.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Consensu.IO Consensu.Io.This issue affects Consensu.Io: from n/a through 1.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Consensu.IO",
"product": {
"product_data": [
{
"product_name": "Consensu.io",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/consensu-io/wordpress-consensu-io-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/consensu-io/wordpress-consensu-io-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Skalucy (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

96
2023/51xxx/CVE-2023-51413.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51413",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.29."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/piotnetforms/wordpress-piotnet-forms-plugin-1-0-25-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/piotnetforms/wordpress-piotnet-forms-plugin-1-0-25-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.0.30 or a higher version."
}
],
"value": "Update to 1.0.30 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

113
2023/51xxx/CVE-2023-51524.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51524",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "weForms",
"product": {
"product_data": [
{
"product_name": "weForms",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.6.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.18",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/weforms/wordpress-weforms-plugin-1-6-18-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/weforms/wordpress-weforms-plugin-1-6-18-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.6.19 or a higher version."
}
],
"value": "Update to 1.6.19 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "emad (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

113
2023/51xxx/CVE-2023-51526.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51526",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Brett Shumaker Simple Staff List.This issue affects Simple Staff List: from n/a through 2.2.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Brett Shumaker",
"product": {
"product_data": [
{
"product_name": "Simple Staff List",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "2.2.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.2.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/simple-staff-list/wordpress-simple-staff-list-plugin-2-2-4-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/simple-staff-list/wordpress-simple-staff-list-plugin-2-2-4-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 2.2.5 or a higher version."
}
],
"value": "Update to 2.2.5 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

113
2023/51xxx/CVE-2023-51537.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51537",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Awesome Support Team",
"product": {
"product_data": [
{
"product_name": "Awesome Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "6.1.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.1.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-1-5-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-1-5-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 6.1.6 or a higher version."
}
],
"value": "Update to 6.1.6 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "Brandon Roldan (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

45
2023/5xxx/CVE-2023-5090.json
View File

@ -35,6 +35,41 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.69.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.69.1.rt14.354.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -113,6 +148,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3854",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3854"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3855",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3855"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5090",
"refsource": "MISC",

2
2023/6xxx/CVE-2023-6134.json
View File

@ -98,7 +98,7 @@
}
},
{
"product_name": "Red Hat Single Sign-On 7.0",
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{

2
2023/6xxx/CVE-2023-6291.json
View File

@ -98,7 +98,7 @@
}
},
{
"product_name": "Red Hat Single Sign-On 7.0",
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{

26
2023/6xxx/CVE-2023-6356.json
View File

@ -91,6 +91,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-477.58.1.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -258,6 +279,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1248"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3810",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6356",
"refsource": "MISC",

2
2023/6xxx/CVE-2023-6484.json
View File

@ -98,7 +98,7 @@
}
},
{
"product_name": "Red Hat Single Sign-On 7.0",
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{

26
2023/6xxx/CVE-2023-6535.json
View File

@ -91,6 +91,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-477.58.1.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -258,6 +279,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1248"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3810",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6535",
"refsource": "MISC",

26
2023/6xxx/CVE-2023-6536.json
View File

@ -91,6 +91,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-477.58.1.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -258,6 +279,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1248"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3810",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6536",
"refsource": "MISC",

2
2023/6xxx/CVE-2023-6927.json
View File

@ -70,7 +70,7 @@
}
},
{
"product_name": "Red Hat Single Sign-On 7.0",
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{

15
2024/23xxx/CVE-2024-23206.json
View File

@ -142,11 +142,26 @@
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214059",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214059"
},
{
"url": "https://support.apple.com/kb/HT214061",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214055"
},
{
"url": "https://support.apple.com/kb/HT214056",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214056"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/27",
"refsource": "MISC",

15
2024/23xxx/CVE-2024-23213.json
View File

@ -142,11 +142,26 @@
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214059",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214059"
},
{
"url": "https://support.apple.com/kb/HT214061",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214055"
},
{
"url": "https://support.apple.com/kb/HT214056",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214056"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/27",
"refsource": "MISC",

5
2024/23xxx/CVE-2024-23214.json
View File

@ -86,6 +86,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214059",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214059"
},
{
"url": "https://support.apple.com/kb/HT214061",
"refsource": "MISC",

15
2024/23xxx/CVE-2024-23222.json
View File

@ -98,6 +98,11 @@
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214059",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214059"
},
{
"url": "https://support.apple.com/kb/HT214057",
"refsource": "MISC",
@ -112,6 +117,16 @@
"url": "https://support.apple.com/kb/HT214061",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214055"
},
{
"url": "https://support.apple.com/kb/HT214056",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214056"
}
]
}

15
2024/23xxx/CVE-2024-23271.json
View File

@ -132,10 +132,25 @@
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214060"
},
{
"url": "https://support.apple.com/kb/HT214059",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214059"
},
{
"url": "https://support.apple.com/kb/HT214061",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214055"
},
{
"url": "https://support.apple.com/kb/HT214056",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214056"
}
]
}

80
2024/2xxx/CVE-2024-2092.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "webtechstreet",
"product": {
"product_data": [
{
"product_name": "Elementor Addon Elements",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.13.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67790c0b-c078-4955-a175-977a695392fc?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67790c0b-c078-4955-a175-977a695392fc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/twitter/widgets/twitter.php#L712",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/twitter/widgets/twitter.php#L712"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3058768%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3058768%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail="
}
]
},
"credits": [
{
"lang": "en",
"value": "wesley"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
}
]
}

78
2024/2xxx/CVE-2024-2199.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.3.11.1-5.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.4.5-8.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Directory Server 11",
"version": {
@ -74,19 +116,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -99,19 +128,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -121,6 +137,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3591",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3837",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-2199",
"refsource": "MISC",

39
2024/2xxx/CVE-2024-2905.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2024.3-3.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
@ -69,19 +90,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat OpenShift Container Platform 4",
"version": {
@ -108,6 +116,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3401"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3823",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3823"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-2905",
"refsource": "MISC",

53
2024/2xxx/CVE-2024-2947.json
View File

@ -56,6 +56,41 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:311.2-1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:311.2-1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
@ -68,19 +103,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -95,6 +117,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3667"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3843",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3843"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-2947",
"refsource": "MISC",

36
2024/35xxx/CVE-2024-35655.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.8."
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9."
}
]
},
@ -40,9 +40,24 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "0.6.8"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "7.0.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "0.6.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
@ -68,6 +83,19 @@
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to&nbsp;7.0.0 or a higher version."
}
],
"value": "Update to\u00a07.0.0 or a higher version."
}
],
"credits": [
{
"lang": "en",

24
2024/36xxx/CVE-2024-36014.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "8cbc5caf36ef",
"version_value": "b77620730f61"
"version_value": "e4b52d493833"
},
{
"version_value": "not down converted",
@ -57,6 +57,18 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.12",
"lessThanOrEqual": "6.8.*",
@ -90,6 +102,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07"
},
{
"url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5"
},
{
"url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d",
"refsource": "MISC",

35
2024/36xxx/CVE-2024-36015.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "9a69645dde11",
"version_value": "fbf740aeb86a"
"version_value": "df9329247dbb"
},
{
"version_value": "not down converted",
@ -57,6 +57,24 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
@ -78,6 +96,21 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828"
},
{
"url": "https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57"
},
{
"url": "https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39"
},
{
"url": "https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e",
"refsource": "MISC",

24
2024/36xxx/CVE-2024-36016.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "e1eaea46bb40",
"version_value": "f126ce7305fe"
"version_value": "46f52c89a7e7"
},
{
"version_value": "not down converted",
@ -57,6 +57,18 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.12",
"lessThanOrEqual": "6.8.*",
@ -90,6 +102,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/46f52c89a7e7d2691b97a9728e4591d071ca8abc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46f52c89a7e7d2691b97a9728e4591d071ca8abc"
},
{
"url": "https://git.kernel.org/stable/c/774d83b008eccb1c48c14dc5486e7aa255731350",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/774d83b008eccb1c48c14dc5486e7aa255731350"
},
{
"url": "https://git.kernel.org/stable/c/f126ce7305fe88f49cdabc6db4168b9318898ea3",
"refsource": "MISC",

11
2024/36xxx/CVE-2024-36968.json
View File

@ -75,6 +75,12 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
@ -111,6 +117,11 @@
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d2b2f7d3936dc5990549bc36ab7ac7ac37f22c30"
},
{
"url": "https://git.kernel.org/stable/c/4d3dbaa252257d20611c3647290e6171f1bbd6c8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4d3dbaa252257d20611c3647290e6171f1bbd6c8"
},
{
"url": "https://git.kernel.org/stable/c/a5b862c6a221459d54e494e88965b48dcfa6cc44",
"refsource": "MISC",

13
2024/36xxx/CVE-2024-36971.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "a87cb3e48ee8",
"version_value": "92f1655aa2b2"
"version_value": "b8af8e6118a6"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
@ -78,6 +84,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc"
},
{
"url": "https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e",
"refsource": "MISC",

45
2024/36xxx/CVE-2024-36972.json
View File

@ -38,10 +38,20 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e0e09186d882",
"version_value": "4bf6964451c3"
},
{
"version_affected": "<",
"version_name": "b74aa9ce13d0",
"version_value": "d59ae9314b97"
},
{
"version_affected": "<",
"version_name": "1279f9d9dec2",
"version_value": "9841991a446c"
"version_value": "4708f49add84"
},
{
"version_value": "not down converted",
@ -57,6 +67,24 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
@ -78,6 +106,21 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4bf6964451c3cb411fbaa1ae8b214b3d97a59bf1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4bf6964451c3cb411fbaa1ae8b214b3d97a59bf1"
},
{
"url": "https://git.kernel.org/stable/c/d59ae9314b97e01c76a4171472441e55721ba636",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d59ae9314b97e01c76a4171472441e55721ba636"
},
{
"url": "https://git.kernel.org/stable/c/4708f49add84a57ce0ccc7bf9a6269845c631cc3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4708f49add84a57ce0ccc7bf9a6269845c631cc3"
},
{
"url": "https://git.kernel.org/stable/c/9841991a446c87f90f66f4b9fee6fe934c1336a2",
"refsource": "MISC",

18
2024/38xxx/CVE-2024-38266.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38266",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38267.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38268.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38268",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38269.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38270.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38271.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38272.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38272",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

78
2024/3xxx/CVE-2024-3657.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.3.11.1-5.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.4.5-8.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Directory Server 11",
"version": {
@ -74,19 +116,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -99,19 +128,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -121,6 +137,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3591",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3837",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3657",
"refsource": "MISC",

75
2024/4xxx/CVE-2024-4845.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the \u2018options[list_id]\u2019 parameter in all versions up to, and including, 5.7.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "icegram",
"product": {
"product_data": [
{
"product_name": "Email Subscribers by Icegram Express \u2013 Email Marketing, Newsletters, Automation for WordPress & WooCommerce",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "5.7.22"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21be2215-8ce0-438e-94e0-6a350b8cc952?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21be2215-8ce0-438e-94e0-6a350b8cc952?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098321/email-subscribers",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3098321/email-subscribers"
}
]
},
"credits": [
{
"lang": "en",
"value": "Arkadiusz Hydzik"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

18
2024/5xxx/CVE-2024-5898.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5898",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5899.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5899",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5900.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5900",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5901.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5901",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}