admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-16 13:00:35 +00:00
parent 2d33e20ae2
commit 0b604cb5ca
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
33 changed files with 281 additions and 372 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
2022/2xxx/CVE-2022-2127.json
View File

@ -251,31 +251,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222791"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230731-0010/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5477"
},
{
"url": "https://www.samba.org/samba/security/CVE-2022-2127.html",
"refsource": "MISC",

143
2023/29xxx/CVE-2023-29322.json
View File

@ -1,50 +1,12 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2023-06-13T23:00:00.000Z",
"ID": "CVE-2023-29322",
"STATE": "PUBLIC",
"TITLE": "Reflected XSS in `libs/cq/statistics/components/result-quality/html.jsp` via the `path` parameter"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Experience Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "6.5.16.0"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-29322",
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
@ -53,44 +15,99 @@
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (Reflected XSS) (CWE-79)"
"value": "Cross-site Scripting (Reflected XSS) (CWE-79)",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Adobe Experience Manager",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "6.5.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-31.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-31.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.4,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 5.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}
}

20
2023/34xxx/CVE-2023-34966.json
View File

@ -277,26 +277,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230731-0010/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5477"
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-34966",
"refsource": "MISC",

20
2023/34xxx/CVE-2023-34967.json
View File

@ -251,26 +251,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222794"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230731-0010/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5477"
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-34967.html",
"refsource": "MISC",

20
2023/34xxx/CVE-2023-34968.json
View File

@ -250,26 +250,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222795"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230731-0010/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5477"
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-34968.html",
"refsource": "MISC",

5
2023/38xxx/CVE-2023-38200.json
View File

@ -83,11 +83,6 @@
"url": "https://github.com/keylime/keylime/pull/1421",
"refsource": "MISC",
"name": "https://github.com/keylime/keylime/pull/1421"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/"
}
]
},

5
2023/38xxx/CVE-2023-38201.json
View File

@ -88,11 +88,6 @@
"url": "https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww",
"refsource": "MISC",
"name": "https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/"
}
]
},

2
2023/38xxx/CVE-2023-38206.json
View File

@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

15
2023/38xxx/CVE-2023-38559.json
View File

@ -146,21 +146,6 @@
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1",
"refsource": "MISC",
"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00006.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/08/msg00006.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBV6BTUREXM6DB3OGHGLMWGAZ3I45TXE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBV6BTUREXM6DB3OGHGLMWGAZ3I45TXE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QH7ERAYSSXEYDWWY7LOV7CA5MIDZN3Z6/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QH7ERAYSSXEYDWWY7LOV7CA5MIDZN3Z6/"
}
]
},

20
2023/3xxx/CVE-2023-3347.json
View File

@ -177,26 +177,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222792"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0010/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230731-0010/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5477",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5477"
},
{
"url": "https://www.samba.org/samba/security/CVE-2023-3347.html",
"refsource": "MISC",

5
2023/3xxx/CVE-2023-3576.json
View File

@ -141,11 +141,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219340",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2219340"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html"
}
]
},

10
2023/3xxx/CVE-2023-3899.json
View File

@ -371,16 +371,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225407",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2225407"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJHKSBBZRDFOBNDU35FUKMYQIQYT6UJQ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJHKSBBZRDFOBNDU35FUKMYQIQYT6UJQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDIHGNLS3TZVX7X2F735OKI4KXPY4AH6/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDIHGNLS3TZVX7X2F735OKI4KXPY4AH6/"
}
]
},

20
2023/42xxx/CVE-2023-42756.json
View File

@ -150,26 +150,6 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2239848"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
},
{
"url": "https://seclists.org/oss-sec/2023/q3/242",
"refsource": "MISC",

2
2023/44xxx/CVE-2023-44350.json
View File

@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

2
2023/44xxx/CVE-2023-44355.json
View File

@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

20
2023/4xxx/CVE-2023-4147.json
View File

@ -235,26 +235,6 @@
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231020-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231020-0006/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5480",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5480"
},
{
"url": "https://www.debian.org/security/2023/dsa-5492",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5492"
},
{
"url": "https://www.spinics.net/lists/stable/msg671573.html",
"refsource": "MISC",

15
2023/5xxx/CVE-2023-5981.json
View File

@ -818,11 +818,6 @@
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0155",
"refsource": "MISC",
@ -872,16 +867,6 @@
"url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23",
"refsource": "MISC",
"name": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/"
}
]
},

25
2024/0xxx/CVE-2024-0553.json
View File

@ -818,11 +818,6 @@
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0533",
"refsource": "MISC",
@ -873,30 +868,10 @@
"refsource": "MISC",
"name": "https://gitlab.com/gnutls/gnutls/-/issues/1522"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/"
},
{
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html",
"refsource": "MISC",
"name": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240202-0011/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20240202-0011/"
}
]
},

20
2024/0xxx/CVE-2024-0567.json
View File

@ -785,11 +785,6 @@
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0533",
"refsource": "MISC",
@ -825,25 +820,10 @@
"refsource": "MISC",
"name": "https://gitlab.com/gnutls/gnutls/-/issues/1521"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/"
},
{
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html",
"refsource": "MISC",
"name": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240202-0011/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20240202-0011/"
}
]
},

14
2024/34xxx/CVE-2024-34113.json
View File

@ -81,11 +81,11 @@
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.2,
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 6.2,
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
@ -95,17 +95,17 @@
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 6.2,
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]

14
2024/39xxx/CVE-2024-39379.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to arbitrary file system read access. An attacker could exploit this vulnerability to read contents from a location in memory past the buffer boundary, potentially leading to sensitive information disclosure. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
"value": "Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
@ -79,11 +79,11 @@
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
@ -92,11 +92,11 @@
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
@ -105,7 +105,7 @@
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]

2
2024/39xxx/CVE-2024-39397.json
View File

@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

4
2024/39xxx/CVE-2024-39406.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed."
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed."
}
]
},
@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "HIGH",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "HIGH",
"remediationLevel": "NOT_DEFINED",

4
2024/39xxx/CVE-2024-39408.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction."
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction."
}
]
},
@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

4
2024/39xxx/CVE-2024-39409.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction."
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction."
}
]
},
@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",

14
2024/39xxx/CVE-2024-39410.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction."
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue does not require user interaction."
}
]
},
@ -95,17 +95,17 @@
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]

4
2024/39xxx/CVE-2024-39412.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction."
"value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and perform a minor integrity change. Exploitation of this issue does not require user interaction."
}
]
},
@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",

18
2024/41xxx/CVE-2024-41839.json
View File

@ -81,12 +81,12 @@
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 4.1,
"environmentalSeverity": "MEDIUM",
"environmentalScore": 3.5,
"environmentalSeverity": "LOW",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"integrityRequirement": "NOT_DEFINED",
@ -96,16 +96,16 @@
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 4.1,
"temporalSeverity": "MEDIUM",
"scope": "UNCHANGED",
"temporalScore": 3.5,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]

6
2024/41xxx/CVE-2024-41867.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to arbitrary file system write operations. An attacker could leverage this vulnerability to modify or corrupt files, potentially leading to a compromise of system integrity. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
"value": "After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)",
"cweId": "CWE-121"
"value": "Out-of-bounds Read (CWE-125)",
"cweId": "CWE-125"
}
]
}

2
2024/41xxx/CVE-2024-41878.json
View File

@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",

56
2024/46xxx/CVE-2024-46424.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-46424",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-46424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/UploadCustomModule.md",
"refsource": "MISC",
"name": "https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/UploadCustomModule.md"
}
]
}

56
2024/46xxx/CVE-2024-46451.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-46451",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-46451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/offshore0315/loT-vulnerable/blob/main/TOTOLINK/AC1200%20T8/setWiFiAclRules.md",
"refsource": "MISC",
"name": "https://github.com/offshore0315/loT-vulnerable/blob/main/TOTOLINK/AC1200%20T8/setWiFiAclRules.md"
}
]
}

61
2024/46xxx/CVE-2024-46937.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-46937",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-46937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the serial parameter by number identifier: GA00001, GA00002, GA00003, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://mfasoft.ru",
"refsource": "MISC",
"name": "https://mfasoft.ru"
},
{
"refsource": "MISC",
"name": "https://github.com/WI1D-41/IDOR-in-MFASOFT-Secure-Authentication-Server",
"url": "https://github.com/WI1D-41/IDOR-in-MFASOFT-Secure-Authentication-Server"
}
]
}