admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-17 06:00:36 +00:00
parent 7d50b69873
commit 03810b61d1
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 713 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
2023/39xxx/CVE-2023-39454.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code."
"value": "Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code."
}
]
},
@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Buffer overflow"
"value": "Buffer overflow",
"cweId": "CWE-120"
}
]
}
@ -66,6 +67,28 @@
}
]
}
},
{
"product_name": "WRC-X6000QS-G",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "v1.13 and earlier"
}
]
}
},
{
"product_name": "WRC-X6000QSA-G",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "v1.13 and earlier"
}
]
}
}
]
}
@ -86,5 +109,15 @@
"name": "https://jvn.jp/en/vu/JVNVU91630351/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
]
}
}

81
2024/13xxx/CVE-2024-13603.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13603",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Wise Forms",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.2.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/234a8d22-e6c6-4819-9ac0-434a96b3462d/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/234a8d22-e6c6-4819-9ac0-434a96b3462d/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Steven Pereira aka Cursed && Muktanand Kale aka Muktimantras"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2024/13xxx/CVE-2024-13608.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13608",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Track Logins WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Track Logins",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/408e6cad-f02d-455a-9943-32da77537da1/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/408e6cad-f02d-455a-9943-32da77537da1/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Francisco Alisson"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2024/13xxx/CVE-2024-13625.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Tube Video Ads Lite WordPress plugin through 1.5.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Tube Video Ads Lite",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.5.7"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/6bfabf1d-86f2-4d29-bc55-d618d757dcc6/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/6bfabf1d-86f2-4d29-bc55-d618d757dcc6/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Hassan Khan Yusufzai - Splint3r7"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2024/13xxx/CVE-2024-13626.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "VR-Frases (collect & share quotes)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "3.0.1"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/511c6e7a-087f-41ef-9009-2525f332f8c6/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/511c6e7a-087f-41ef-9009-2525f332f8c6/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Hassan Khan Yusufzai - Splint3r7"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2024/13xxx/CVE-2024-13627.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "OWL Carousel Slider",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "2.2"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/f7e425a1-ae49-4ea6-abe4-42ba2713af8f/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/f7e425a1-ae49-4ea6-abe4-42ba2713af8f/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Hassan Khan Yusufzai - Splint3r7"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2024/13xxx/CVE-2024-13726.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13726",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Themes Coder",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.3.4"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/ec226d22-0c09-4e7c-86ec-b64819089b60/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/ec226d22-0c09-4e7c-86ec-b64819089b60/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Project Black"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

115
2025/1xxx/CVE-2025-1377.json
View File

@ -1,17 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1377",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in GNU elfutils 0.192 entdeckt. Sie wurde als problematisch eingestuft. Davon betroffen ist die Funktion gelf_getsymshndx der Datei strip.c der Komponente eu-strip. Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als fbf1df9ca286de3323ae541973b08449f8d03aba bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service",
"cweId": "CWE-404"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GNU",
"product": {
"product_data": [
{
"product_name": "elfutils",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.192"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295985",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295985"
},
{
"url": "https://vuldb.com/?ctiid.295985",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295985"
},
{
"url": "https://vuldb.com/?submit.497539",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.497539"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32673",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32673"
},
{
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=15941",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/attachment.cgi?id=15941"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32673#c2",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32673#c2"
},
{
"url": "https://www.gnu.org/",
"refsource": "MISC",
"name": "https://www.gnu.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "wenjusun (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"
}
]
}

115
2025/1xxx/CVE-2025-1378.json
View File

@ -1,17 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1378",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in radare2 5.9.9 33286 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock in der Bibliothek /libr/main/rasm2.c der Komponente rasm2. Durch das Beeinflussen mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 6.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als c6c772d2eab692ce7ada5a4227afd50c355ad545 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "radare2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.9.9 33286"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295986",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295986"
},
{
"url": "https://vuldb.com/?ctiid.295986",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295986"
},
{
"url": "https://vuldb.com/?submit.498499",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.498499"
},
{
"url": "https://github.com/radareorg/radare2/issues/23953",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/issues/23953"
},
{
"url": "https://github.com/radareorg/radare2/issues/23953#issue-2844325926",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/issues/23953#issue-2844325926"
},
{
"url": "https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545"
},
{
"url": "https://github.com/radareorg/radare2/milestone/86",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/milestone/86"
}
]
},
"credits": [
{
"lang": "en",
"value": "wenjusun (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"
}
]
}