mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 10:41:46 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
ff63fb0f23
commit
0a47f1b6aa
@ -1,17 +1,85 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-12434",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@wordfence.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.10.6 via the REST API. This makes it possible for unauthenticated attackers to extract sensitive data including restricted content."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
|
||||
"cweId": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "SureCart",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SureMembers",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "*",
|
||||
"version_value": "1.10.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f33e0019-e52e-464b-843d-a034e5205b2e?source=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f33e0019-e52e-464b-843d-a034e5205b2e?source=cve"
|
||||
},
|
||||
{
|
||||
"url": "https://suremembers.com/whats-new/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://suremembers.com/whats-new/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Francesco Carlucci"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/13xxx/CVE-2024-13912.json
Normal file
18
2024/13xxx/CVE-2024-13912.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-13912",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2025-22868",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@golang.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-1286: Improper Validation of Syntactic Correctness of Input"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "golang.org/x/oauth2",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "golang.org/x/oauth2/jws",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "0.27.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://go.dev/cl/652155",
|
||||
"refsource": "MISC",
|
||||
"name": "https://go.dev/cl/652155"
|
||||
},
|
||||
{
|
||||
"url": "https://go.dev/issue/71490",
|
||||
"refsource": "MISC",
|
||||
"name": "https://go.dev/issue/71490"
|
||||
},
|
||||
{
|
||||
"url": "https://pkg.go.dev/vuln/GO-2025-3488",
|
||||
"refsource": "MISC",
|
||||
"name": "https://pkg.go.dev/vuln/GO-2025-3488"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "jub0bs"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2025-22869",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@golang.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "golang.org/x/crypto",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "golang.org/x/crypto/ssh",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "0.35.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://go.dev/cl/652135",
|
||||
"refsource": "MISC",
|
||||
"name": "https://go.dev/cl/652135"
|
||||
},
|
||||
{
|
||||
"url": "https://go.dev/issue/71931",
|
||||
"refsource": "MISC",
|
||||
"name": "https://go.dev/issue/71931"
|
||||
},
|
||||
{
|
||||
"url": "https://pkg.go.dev/vuln/GO-2025-3487",
|
||||
"refsource": "MISC",
|
||||
"name": "https://pkg.go.dev/vuln/GO-2025-3487"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Yuichi Watanabe"
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user