admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-14 03:00:33 +00:00
parent e01a44ae4c
commit 13b35c633d
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
33 changed files with 281 additions and 363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2022/3xxx/CVE-2022-3459.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3459",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the products that can be added as a gift. This makes it possible for unauthenticated attackers to add non-gift items to their cart as a gift."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key",
"cweId": "CWE-639"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ankitpokhrel",
"product": {
"product_data": [
{
"product_name": "WooCommerce Multiple Free Gift",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.2.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cdb9c321-1a2c-4593-9947-2071a908ee1c?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cdb9c321-1a2c-4593-9947-2071a908ee1c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-multiple-free-gift/trunk/lib/WFG_Frontend.class.php#L189",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/woocommerce-multiple-free-gift/trunk/lib/WFG_Frontend.class.php#L189"
}
]
},
"credits": [
{
"lang": "en",
"value": "Danielius Vargonas"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

2
2024/21xxx/CVE-2024-21416.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/30xxx/CVE-2024-30073.json
View File

@ -150,7 +150,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

4
2024/38xxx/CVE-2024-38014.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}
@ -356,7 +356,7 @@
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C"
}
]
}

2
2024/38xxx/CVE-2024-38045.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38046.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38119.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38217.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38234.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38235.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38237.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38238.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38239.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38240.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38241.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38242.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38243.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38244.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38245.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38246.json
View File

@ -102,7 +102,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38247.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38248.json
View File

@ -102,7 +102,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38249.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38250.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38252.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38253.json
View File

@ -66,7 +66,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38254.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38257.json
View File

@ -138,7 +138,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

2
2024/38xxx/CVE-2024-38259.json
View File

@ -78,7 +78,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}

4
2024/43xxx/CVE-2024-43461.json
View File

@ -150,7 +150,7 @@
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4169"
"version_value": "10.0.22631.4169"
}
]
}
@ -356,7 +356,7 @@
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C"
}
]
}

320
2024/6xxx/CVE-2024-6387.json
View File

@ -282,151 +282,6 @@
},
"references": {
"reference_data": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2024/Jul/19"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2024/Jul/20"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4312",
"refsource": "MISC",
@ -467,176 +322,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/",
"refsource": "MISC",
"name": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
},
{
"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/",
"refsource": "MISC",
"name": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server",
"refsource": "MISC",
"name": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html",
"refsource": "MISC",
"name": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
},
{
"url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132",
"refsource": "MISC",
"name": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132"
},
{
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc",
"refsource": "MISC",
"name": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"url": "https://github.com/AlmaLinux/updates/issues/629",
"refsource": "MISC",
"name": "https://github.com/AlmaLinux/updates/issues/629"
},
{
"url": "https://github.com/Azure/AKS/issues/4379",
"refsource": "MISC",
"name": "https://github.com/Azure/AKS/issues/4379"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248",
"refsource": "MISC",
"name": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249",
"refsource": "MISC",
"name": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
},
{
"url": "https://github.com/microsoft/azurelinux/issues/9555",
"refsource": "MISC",
"name": "https://github.com/microsoft/azurelinux/issues/9555"
},
{
"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09",
"refsource": "MISC",
"name": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
},
{
"url": "https://github.com/oracle/oracle-linux/issues/149",
"refsource": "MISC",
"name": "https://github.com/oracle/oracle-linux/issues/149"
},
{
"url": "https://github.com/rapier1/hpn-ssh/issues/87",
"refsource": "MISC",
"name": "https://github.com/rapier1/hpn-ssh/issues/87"
},
{
"url": "https://github.com/zgzhang/cve-2024-6387-poc",
"refsource": "MISC",
"name": "https://github.com/zgzhang/cve-2024-6387-poc"
},
{
"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/",
"refsource": "MISC",
"name": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
},
{
"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html",
"refsource": "MISC",
"name": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
},
{
"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html",
"refsource": "MISC",
"name": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
},
{
"url": "https://news.ycombinator.com/item?id=40843778",
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=40843778"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010",
"refsource": "MISC",
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
},
{
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
"refsource": "MISC",
"name": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240701-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20240701-0001/"
},
{
"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/",
"refsource": "MISC",
"name": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
},
{
"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/",
"refsource": "MISC",
"name": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
},
{
"url": "https://support.apple.com/kb/HT214118",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214118"
},
{
"url": "https://support.apple.com/kb/HT214119",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214119"
},
{
"url": "https://support.apple.com/kb/HT214120",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT214120"
},
{
"url": "https://ubuntu.com/security/CVE-2024-6387",
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2024-6387"
},
{
"url": "https://ubuntu.com/security/notices/USN-6859-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do",
"refsource": "MISC",
"name": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc",
"refsource": "MISC",
"name": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"url": "https://www.openssh.com/txt/release-9.8",
"refsource": "MISC",
@ -646,21 +341,6 @@
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
"refsource": "MISC",
"name": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html",
"refsource": "MISC",
"name": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
},
{
"url": "https://www.suse.com/security/cve/CVE-2024-6387.html",
"refsource": "MISC",
"name": "https://www.suse.com/security/cve/CVE-2024-6387.html"
},
{
"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/",
"refsource": "MISC",
"name": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
}
]
},

81
2024/8xxx/CVE-2024-8271.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The The FOX \u2013 Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode in the 'woocs_get_custom_price_html' function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "realmag777",
"product": {
"product_data": [
{
"product_name": "FOX \u2013 Currency Switcher Professional for WooCommerce",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.4.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dec51bd6-2ffe-47b6-9423-6131395bf439?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dec51bd6-2ffe-47b6-9423-6131395bf439?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-currency-switcher/tags/1.4.2.1/classes/woocs.php#L4604",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/woocommerce-currency-switcher/tags/1.4.2.1/classes/woocs.php#L4604"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150596%40woocommerce-currency-switcher&new=3150596%40woocommerce-currency-switcher&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150596%40woocommerce-currency-switcher&new=3150596%40woocommerce-currency-switcher&sfp_email=&sfph_mail="
}
]
},
"credits": [
{
"lang": "en",
"value": "Arkadiusz Hydzik"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH"
}
]
}

105
2024/8xxx/CVE-2024-8775.json
View File

@ -1,17 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insertion of Sensitive Information into Log File",
"cweId": "CWE-532"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Discovery",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Storage 3",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Update Infrastructure 4 for Cloud Providers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-8775",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-8775"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}