admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-16 15:00:36 +00:00
parent 5e66e56d7d
commit 10538e1f3b
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
25 changed files with 569 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2023/25xxx/CVE-2023-25493.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "\nA potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code. \n\n" "value": "A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code."
} }
] ]
}, },
@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-287 Improper Authentication", "value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-287" "cweId": "CWE-306"
} }
] ]
} }
@ -77,7 +77,7 @@
"value": "Update system firmware to the version (or newer) indicated for your model in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-141775\">https://support.lenovo.com/us/en/product_security/LEN-141775</a>" "value": "Update system firmware to the version (or newer) indicated for your model in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-141775\">https://support.lenovo.com/us/en/product_security/LEN-141775</a>"
} }
], ],
"value": "Update system firmware to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-141775 " "value": "Update system firmware to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-141775"
} }
], ],
"credits": [ "credits": [

47
2023/2xxx/CVE-2023-2042.json
View File

@ -11,11 +11,11 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225920. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." "value": "A vulnerability, which was classified as problematic, has been found in DataGear up to 4.7.0/5.1.0. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}, },
{ {
"lang": "deu", "lang": "deu",
"value": "Eine problematische Schwachstelle wurde in DataGear bis 4.5.1 entdeckt. Davon betroffen ist unbekannter Code der Komponente JDBC Server Handler. Mit der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." "value": "Eine problematische Schwachstelle wurde in DataGear bis 4.7.0/5.1.0 entdeckt. Davon betroffen ist unbekannter Code der Komponente JDBC Server Handler. Mit der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
} }
] ]
}, },
@ -25,7 +25,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-502 Deserialization", "value": "Deserialization",
"cweId": "CWE-502" "cweId": "CWE-502"
} }
] ]
@ -45,11 +45,43 @@
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.5.0" "version_value": "4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.5.1" "version_value": "4.1"
},
{
"version_affected": "=",
"version_value": "4.2"
},
{
"version_affected": "=",
"version_value": "4.3"
},
{
"version_affected": "=",
"version_value": "4.4"
},
{
"version_affected": "=",
"version_value": "4.5"
},
{
"version_affected": "=",
"version_value": "4.6"
},
{
"version_affected": "=",
"version_value": "4.7"
},
{
"version_affected": "=",
"version_value": "5.0"
},
{
"version_affected": "=",
"version_value": "5.1"
} }
] ]
} }
@ -72,6 +104,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://vuldb.com/?ctiid.225920" "name": "https://vuldb.com/?ctiid.225920"
}, },
{
"url": "https://vuldb.com/?submit.109292",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.109292"
},
{ {
"url": "https://github.com/yangyanglo/ForCVE/blob/main/2023-0x06.md", "url": "https://github.com/yangyanglo/ForCVE/blob/main/2023-0x06.md",
"refsource": "MISC", "refsource": "MISC",

8
2023/2xxx/CVE-2023-2290.json
View File

@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-119" "cweId": "CWE-787"
} }
] ]
} }
@ -36,7 +36,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "ThinkPad ", "product_name": "ThinkPad",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -77,7 +77,7 @@
"value": "Update system firmware to the version (or newer) indicated for your model in the Lenovo Product Security Advisory:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-106014\">https://support.lenovo.com/us/en/product_security/LEN-106014</a>" "value": "Update system firmware to the version (or newer) indicated for your model in the Lenovo Product Security Advisory:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-106014\">https://support.lenovo.com/us/en/product_security/LEN-106014</a>"
} }
], ],
"value": "Update system firmware to the version (or newer) indicated for your model in the Lenovo Product Security Advisory:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-106014 https://support.lenovo.com/us/en/product_security/LEN-106014 " "value": "Update system firmware to the version (or newer) indicated for your model in the Lenovo Product Security Advisory:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-106014"
} }
], ],
"credits": [ "credits": [

8
2023/2xxx/CVE-2023-2992.json
View File

@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption", "value": "CWE-405: Asymmetric Resource Consumption (Amplification)",
"cweId": "CWE-400" "cweId": "CWE-405"
} }
] ]
} }
@ -36,7 +36,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "System Management Module (SMM) ", "product_name": "System Management Module (SMM)",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -88,7 +88,7 @@
"value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-127357\">https://support.lenovo.com/us/en/product_security/LEN-127357</a>" "value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-127357\">https://support.lenovo.com/us/en/product_security/LEN-127357</a>"
} }
], ],
"value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-127357 https://support.lenovo.com/us/en/product_security/LEN-127357 " "value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-127357"
} }
], ],
"impact": { "impact": {

10
2023/3xxx/CVE-2023-3961.json
View File

@ -308,16 +308,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15422" "name": "https://bugzilla.samba.org/show_bug.cgi?id=15422"
}, },
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231124-0002/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231124-0002/"
},
{ {
"url": "https://www.samba.org/samba/security/CVE-2023-3961.html", "url": "https://www.samba.org/samba/security/CVE-2023-3961.html",
"refsource": "MISC", "refsource": "MISC",

5
2023/42xxx/CVE-2023-42669.json
View File

@ -308,11 +308,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15474" "name": "https://bugzilla.samba.org/show_bug.cgi?id=15474"
}, },
{
"url": "https://security.netapp.com/advisory/ntap-20231124-0002/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231124-0002/"
},
{ {
"url": "https://www.samba.org/samba/security/CVE-2023-42669.html", "url": "https://www.samba.org/samba/security/CVE-2023-42669.html",
"refsource": "MISC", "refsource": "MISC",

5
2023/43xxx/CVE-2023-43785.json
View File

@ -130,11 +130,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242252",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242252" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242252"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231103-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231103-0006/"
} }
] ]
}, },

15
2023/43xxx/CVE-2023-43786.json
View File

@ -111,11 +111,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/24/9"
},
{ {
"url": "https://access.redhat.com/errata/RHSA-2024:2145", "url": "https://access.redhat.com/errata/RHSA-2024:2145",
"refsource": "MISC", "refsource": "MISC",
@ -135,16 +130,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242253",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242253" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242253"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231103-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231103-0006/"
} }
] ]
}, },

15
2023/43xxx/CVE-2023-43787.json
View File

@ -111,11 +111,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/24/9"
},
{ {
"url": "https://access.redhat.com/errata/RHSA-2024:2145", "url": "https://access.redhat.com/errata/RHSA-2024:2145",
"refsource": "MISC", "refsource": "MISC",
@ -135,16 +130,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242254",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242254" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242254"
},
{
"url": "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/",
"refsource": "MISC",
"name": "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231103-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231103-0006/"
} }
] ]
}, },

25
2023/43xxx/CVE-2023-43788.json
View File

@ -174,31 +174,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242248",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242248" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242248"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/"
} }
] ]
}, },

20
2023/43xxx/CVE-2023-43789.json
View File

@ -174,26 +174,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242249", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242249",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242249" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242249"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/"
} }
] ]
}, },

15
2023/4xxx/CVE-2023-4091.json
View File

@ -308,21 +308,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15439" "name": "https://bugzilla.samba.org/show_bug.cgi?id=15439"
}, },
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231124-0002/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20231124-0002/"
},
{ {
"url": "https://www.samba.org/samba/security/CVE-2023-4091.html", "url": "https://www.samba.org/samba/security/CVE-2023-4091.html",
"refsource": "MISC", "refsource": "MISC",

8
2023/5xxx/CVE-2023-5078.json
View File

@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-665 Improper Initialization", "value": "CWE-1419: Incorrect Initialization of Resource",
"cweId": "CWE-665" "cweId": "CWE-1419"
} }
] ]
} }
@ -74,10 +74,10 @@
{ {
"base64": false, "base64": false,
"type": "text/html", "type": "text/html",
"value": "\n\nUpdate system firmware to the version (or newer) indicated for your model in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-141775\">https://support.lenovo.com/us/en/product_security/LEN-141775</a>\n\n<br>" "value": "Update system firmware to the version (or newer) indicated for your model in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-141775\">https://support.lenovo.com/us/en/product_security/LEN-141775</a>\n\n<br>"
} }
], ],
"value": "\nUpdate system firmware to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-141775 \n\n\n" "value": "Update system firmware to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-141775"
} }
], ],
"credits": [ "credits": [

10
2023/5xxx/CVE-2023-5080.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands. " "value": "A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands."
} }
] ]
}, },
@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-269 Improper Privilege Management", "value": "CWE-266: Incorrect Privilege Assignment",
"cweId": "CWE-269" "cweId": "CWE-266"
} }
] ]
} }
@ -74,10 +74,10 @@
{ {
"base64": false, "base64": false,
"type": "text/html", "type": "text/html",
"value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Update to the version (or newer) indicated for your model in the Product Impact section in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-142135\">https://support.lenovo.com/us/en/product_security/LEN-142135</a></span><br>" "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to the version (or newer) indicated for your model in the Product Impact section in the advisory: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-142135\">https://support.lenovo.com/us/en/product_security/LEN-142135</a></span><br>"
} }
], ],
"value": "\nUpdate to the version (or newer) indicated for your model in the Product Impact section in the advisory: https://support.lenovo.com/us/en/product_security/LEN-142135 \n" "value": "Update to the version (or newer) indicated for your model in the Product Impact section in the advisory: https://support.lenovo.com/us/en/product_security/LEN-142135"
} }
], ],
"credits": [ "credits": [

10
2023/5xxx/CVE-2023-5081.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a local application to gather a non-resettable device identifier. " "value": "An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a local application to gather a non-resettable device identifier."
} }
] ]
}, },
@ -21,8 +21,8 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "value": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"cweId": "CWE-200" "cweId": "CWE-497"
} }
] ]
} }
@ -74,10 +74,10 @@
{ {
"base64": false, "base64": false,
"type": "text/html", "type": "text/html",
"value": "\n\n\n\n<span style=\"background-color: rgb(255, 255, 255);\">Update to the version (or newer) indicated for your model in the Product Impact section in the advisory:</span>\n\n<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-142135\">https://support.lenovo.com/us/en/product_security/LEN-142135</a><br>" "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to the version (or newer) indicated for your model in the Product Impact section in the advisory:</span>\n\n<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-142135\">https://support.lenovo.com/us/en/product_security/LEN-142135</a><br>"
} }
], ],
"value": "\n\n\nUpdate to the version (or newer) indicated for your model in the Product Impact section in the advisory:\n\n\n https://support.lenovo.com/us/en/product_security/LEN-142135 \n" "value": "Update to the version (or newer) indicated for your model in the Product Impact section in the advisory:\n\n\n https://support.lenovo.com/us/en/product_security/LEN-142135"
} }
], ],
"credits": [ "credits": [

5
2023/5xxx/CVE-2023-5115.json
View File

@ -158,11 +158,6 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233810",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2233810" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2233810"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"
} }
] ]
}, },

115
2024/39xxx/CVE-2024-39772.json
View File

@ -1,17 +1,124 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-39772", "ID": "CVE-2024-39772",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "responsibledisclosure@mattermost.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mattermost",
"product": {
"product_data": [
{
"product_name": "Mattermost",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.9.0"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://mattermost.com/security-updates",
"refsource": "MISC",
"name": "https://mattermost.com/security-updates"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "MMSA-2024-00372",
"defect": [
"https://mattermost.atlassian.net/browse/MM-59043"
],
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Update Mattermost Desktop App to versions 5.9.0 or higher.</p>"
}
],
"value": "Update Mattermost Desktop App to versions 5.9.0 or higher."
}
],
"credits": [
{
"lang": "en",
"value": "Doyensec"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
} }
] ]
} }

6
2024/42xxx/CVE-2024-42485.json
View File

@ -41,7 +41,11 @@
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "< 2.3.3" "version_value": ">= 2.0.0-alpha, < 2.3.3"
},
{
"version_affected": "=",
"version_value": "< 1.1.14"
} }
] ]
} }

115
2024/45xxx/CVE-2024-45835.json
View File

@ -1,17 +1,124 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-45835", "ID": "CVE-2024-45835",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "responsibledisclosure@mattermost.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure",
"cweId": "CWE-693"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mattermost",
"product": {
"product_data": [
{
"product_name": "Mattermost",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.9.0"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://mattermost.com/security-updates",
"refsource": "MISC",
"name": "https://mattermost.com/security-updates"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "MMSA-2024-00371",
"defect": [
"https://mattermost.atlassian.net/browse/MM-59045"
],
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Update Mattermost Desktop App to versions 5.9.0 or higher.</p>"
}
],
"value": "Update Mattermost Desktop App to versions 5.9.0 or higher."
}
],
"credits": [
{
"lang": "en",
"value": "Doyensec"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
} }
] ]
} }

75
2024/6xxx/CVE-2024-6401.json
View File

@ -1,18 +1,85 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-6401", "ID": "CVE-2024-6401",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@usom.gov.tr",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
} }
] ]
} }
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SFS Consulting",
"product": {
"product_data": [
{
"product_name": "InsureE GL",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.6.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475",
"refsource": "MISC",
"name": "https://www.usom.gov.tr/bildirim/tr-24-1475"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Ya\u011f\u0131z KO\u00c7ER"
},
{
"lang": "en",
"value": "Secure Future Inc."
}
]
} }

79
2024/7xxx/CVE-2024-7098.json
View File

@ -1,18 +1,89 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-7098", "ID": "CVE-2024-7098",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@usom.gov.tr",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 Improper Restriction of XML External Entity Reference",
"cweId": "CWE-611"
} }
] ]
} }
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SFS Consulting",
"product": {
"product_data": [
{
"product_name": "ww.Winsure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.6.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475",
"refsource": "MISC",
"name": "https://www.usom.gov.tr/bildirim/tr-24-1475"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Kaan ATMACA"
},
{
"lang": "en",
"value": "Berk \u0130MRAN"
},
{
"lang": "en",
"value": "Secure Future Inc."
}
]
} }

75
2024/7xxx/CVE-2024-7104.json
View File

@ -1,18 +1,85 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-7104", "ID": "CVE-2024-7104",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@usom.gov.tr",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
} }
] ]
} }
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SFS Consulting",
"product": {
"product_data": [
{
"product_name": "ww.Winsure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.6.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1475",
"refsource": "MISC",
"name": "https://www.usom.gov.tr/bildirim/tr-24-1475"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TR-24-1475",
"defect": [
"TR-24-1475"
],
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Salih \u00d6ZEK"
},
{
"lang": "en",
"value": "Secure Future Inc."
}
]
} }

18
2024/8xxx/CVE-2024-8894.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8894",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/8xxx/CVE-2024-8895.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8895",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/8xxx/CVE-2024-8896.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8896",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}