admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-25 17:00:36 +00:00
parent 377d0e9b8a
commit 1d0f6f1f34
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
14 changed files with 565 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
2023/34xxx/CVE-2023-34966.json
View File

@ -147,6 +147,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.17.5-105.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
@ -241,6 +262,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0580"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4101",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:4101"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34966",
"refsource": "MISC",

5
2024/21xxx/CVE-2024-21827.json
View File

@ -58,11 +58,6 @@
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
}
]
},

39
2024/2xxx/CVE-2024-2199.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Directory Server 12.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "9040020240604143706.1674d574",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
@ -90,19 +111,6 @@
]
}
},
{
"product_name": "Red Hat Directory Server 12",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -147,6 +155,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4092",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-2199",
"refsource": "MISC",

18
2024/39xxx/CVE-2024-39572.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39572",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

39
2024/3xxx/CVE-2024-3657.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Directory Server 12.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "9040020240604143706.1674d574",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
@ -90,19 +111,6 @@
]
}
},
{
"product_name": "Red Hat Directory Server 12",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -147,6 +155,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4092",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3657",
"refsource": "MISC",

6
2024/5xxx/CVE-2024-5988.json
View File

@ -79,9 +79,9 @@
"references": {
"reference_data": [
{
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html",
"refsource": "MISC",
"name": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html"
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html"
}
]
},
@ -98,7 +98,7 @@
{
"base64": false,
"type": "text/html",
"value": "\n\n<table><tbody><tr><td><p>Affected Product</p></td><td><p>CVE</p></td><td><p>First Known in software version</p></td><td><p>Corrected in software version (<b><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">Available Here</a></b>)</p></td></tr><tr><td rowspan=\"2\"><p><b>ThinManager\u00ae ThinServer\u2122</b></p></td><td><p>2024-5988</p><p>2024-5989</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p><p>13.2.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.5</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.3</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.2.2</a></p></td></tr><tr><td><p>2024-5990</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.4</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.2</a></p></td></tr></tbody></table>\n\n<br>\n\n<p>Customers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.</p><p>\u00b7 Update to the corrected software versions via the <a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">ThinManager\u00ae Downloads Site</a></p><p>\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.</p><p>\u00b7 Security<a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">&nbsp;Best Practices</a></p><p><b>&nbsp;</b></p>\n\n<br>"
"value": "<table><tbody><tr><td><p>Affected Product</p></td><td><p>CVE</p></td><td><p>First Known in software version</p></td><td><p>Corrected in software version (<b><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">Available Here</a></b>)</p></td></tr><tr><td rowspan=\"2\"><p><b>ThinManager\u00ae ThinServer\u2122</b></p></td><td><p>2024-5988</p><p>2024-5989</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p><p>13.2.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.5</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.3</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.2.2</a></p></td></tr><tr><td><p>2024-5990</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.4</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.2</a></p></td></tr></tbody></table>\n\n<br>\n\n<p>Customers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.</p><p>\u00b7 Update to the corrected software versions via the <a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">ThinManager\u00ae Downloads Site</a></p><p>\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.</p><p>\u00b7 Security<a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">&nbsp;Best Practices</a></p><p><b>&nbsp;</b></p>\n\n<br>"
}
],
"value": "Affected Product\n\nCVE\n\nFirst Known in software version\n\nCorrected in software version ( Available Here https://thinmanager.com/downloads/index.php )\n\nThinManager\u00ae ThinServer\u2122\n\n2024-5988\n\n2024-5989\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n13.2.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.5 https://thinmanager.com/downloads/index.php \n\n 13.1.3 https://thinmanager.com/downloads/index.php \n\n 13.2.2 https://thinmanager.com/downloads/index.php \n\n2024-5990\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.4 https://thinmanager.com/downloads/index.php \n\n 13.1.2 https://thinmanager.com/downloads/index.php \n\n\n\n\n\n\nCustomers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.\n\n\u00b7 Update to the corrected software versions via the ThinManager\u00ae Downloads Site https://thinmanager.com/downloads/index.php \n\n\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.\n\n\u00b7 Security \u00a0Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"

99
2024/5xxx/CVE-2024-5989.json
View File

@ -1,18 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5989",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation\u00a0ThinManager\u00ae ThinServer\u2122."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "ThinManager\u00ae ThinServer\u2122",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.2.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "12.1.0"
},
{
"version_affected": "=",
"version_value": "13.0.0"
},
{
"version_affected": "=",
"version_value": "13.1.0"
},
{
"version_affected": "=",
"version_value": "13.2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n<table><tbody><tr><td><p>Affected Product</p></td><td><p>CVE</p></td><td><p>First Known in software version</p></td><td><p>Corrected in software version (<b><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">Available Here</a></b>)</p></td></tr><tr><td rowspan=\"2\"><p><b>ThinManager\u00ae ThinServer\u2122</b></p></td><td><p>2024-5988</p><p>2024-5989</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p><p>13.2.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.5</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.3</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.2.2</a></p></td></tr><tr><td><p>2024-5990</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.4</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.2</a></p></td></tr></tbody></table><br>\n\n<p>Customers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.</p><p>\u00b7 Update to the corrected software versions via the <a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">ThinManager\u00ae Downloads Site</a></p><p>\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.</p><p>\u00b7 <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>"
}
],
"value": "Affected Product\n\nCVE\n\nFirst Known in software version\n\nCorrected in software version ( Available Here https://thinmanager.com/downloads/index.php )\n\nThinManager\u00ae ThinServer\u2122\n\n2024-5988\n\n2024-5989\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n13.2.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.5 https://thinmanager.com/downloads/index.php \n\n 13.1.3 https://thinmanager.com/downloads/index.php \n\n 13.2.2 https://thinmanager.com/downloads/index.php \n\n2024-5990\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.4 https://thinmanager.com/downloads/index.php \n\n 13.1.2 https://thinmanager.com/downloads/index.php \n\n\n\n\nCustomers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.\n\n\u00b7 Update to the corrected software versions via the ThinManager\u00ae Downloads Site https://thinmanager.com/downloads/index.php \n\n\u00b7 Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.\n\n\u00b7 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
]
}

95
2024/5xxx/CVE-2024-5990.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5990",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer\u2122 and cause a denial-of-service condition on the affected device."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "ThinManager\u00ae ThinServer\u2122",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.1.0"
},
{
"version_affected": "=",
"version_value": "11.2.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "12.1.0"
},
{
"version_affected": "=",
"version_value": "13.0.0"
},
{
"version_affected": "=",
"version_value": "13.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n <b></b><table><tbody><tr><td><p>Affected Product</p></td><td><p>CVE</p></td><td><p>First Known in software version</p></td><td><p>Corrected in software version (<b><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">Available Here</a></b>)</p></td></tr><tr><td rowspan=\"2\"><p><b>ThinManager\u00ae ThinServer\u2122</b></p></td><td><p>2024-5988</p><p>2024-5989</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p><p>13.2.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.5</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.3</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.2.2</a></p></td></tr><tr><td><p>2024-5990</p></td><td><p>11.1.0</p><p>11.2.0</p><p>12.0.0</p><p>12.1.0</p><p>13.0.0</p><p>13.1.0</p></td><td><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">11.2.9</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.0.7</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">12.1.8</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.0.4</a></p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">13.1.2</a></p></td></tr></tbody></table><p><b>\n\n</b></p><p><b>Customers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.</b></p><p><b>\u00b7Update to the corrected software versions via the <a target=\"_blank\" rel=\"nofollow\" href=\"https://thinmanager.com/downloads/index.php\">ThinManager\u00ae Downloads Site</a></b></p><p><b>\u00b7Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.</b></p><p><b>\u00b7 <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></b></p><b>\n\n</b><p></p><br>"
}
],
"value": "Affected Product\n\nCVE\n\nFirst Known in software version\n\nCorrected in software version ( Available Here https://thinmanager.com/downloads/index.php )\n\nThinManager\u00ae ThinServer\u2122\n\n2024-5988\n\n2024-5989\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n13.2.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.5 https://thinmanager.com/downloads/index.php \n\n 13.1.3 https://thinmanager.com/downloads/index.php \n\n 13.2.2 https://thinmanager.com/downloads/index.php \n\n2024-5990\n\n11.1.0\n\n11.2.0\n\n12.0.0\n\n12.1.0\n\n13.0.0\n\n13.1.0\n\n 11.1.8 https://thinmanager.com/downloads/index.php \n\n 11.2.9 https://thinmanager.com/downloads/index.php \n\n 12.0.7 https://thinmanager.com/downloads/index.php \n\n 12.1.8 https://thinmanager.com/downloads/index.php \n\n 13.0.4 https://thinmanager.com/downloads/index.php \n\n 13.1.2 https://thinmanager.com/downloads/index.php \n\n\n\n\n\nCustomers using the affected software are encouraged to apply the risk mitigations from the list below, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the potential risk of vulnerability.\n\n\u00b7Update to the corrected software versions via the ThinManager\u00ae Downloads Site https://thinmanager.com/downloads/index.php \n\n\u00b7Limit remote access for TCP Port 2031 to known thin clients and ThinManager\u00ae servers.\n\n\u00b7 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
]
}

87
2024/6xxx/CVE-2024-6238.json
View File

@ -1,17 +1,96 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6238",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@postgresql.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "pgAdmin <= 8.8 has an installation Directory permission issue.\u00a0Because of this issue,\u00a0attackers can gain unauthorised access to the installation directory on the Debian or RHEL 8 platforms."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pgadmin.org",
"product": {
"product_data": [
{
"product_name": "pgAdmin 4",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "8.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/pgadmin-org/pgadmin4/issues/7605",
"refsource": "MISC",
"name": "https://github.com/pgadmin-org/pgadmin4/issues/7605"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
}

69
2024/6xxx/CVE-2024-6257.json
View File

@ -1,17 +1,78 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6257",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@hashicorp.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp\u2019s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection)",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HashiCorp",
"product": {
"product_data": [
{
"product_name": "Shared library",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.7.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081",
"refsource": "MISC",
"name": "https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081"
}
]
},
"source": {
"advisory": "HCSEC-2024-13",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

106
2024/6xxx/CVE-2024-6305.json
View File

@ -5,115 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2024-6305",
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "WordPress Core is vulnerable to Stored Cross-Site Scripting via the Template Part Block in various versions up to 6.5.5 due to insufficient input sanitization and output escaping on the 'tagName' attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WordPress Foundation",
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "5.9",
"version_value": "5.9.9"
},
{
"version_affected": "<=",
"version_name": "6.0",
"version_value": "6.0.8"
},
{
"version_affected": "<=",
"version_name": "6.1",
"version_value": "6.1.6"
},
{
"version_affected": "<=",
"version_name": "6.2",
"version_value": "6.2.5"
},
{
"version_affected": "<=",
"version_name": "6.3",
"version_value": "6.3.4"
},
{
"version_affected": "<=",
"version_name": "6.4",
"version_value": "6.4.4"
},
{
"version_affected": "<=",
"version_name": "6.5",
"version_value": "6.5.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a225ccb-a7dc-4437-bd97-b309d6ae6a47?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a225ccb-a7dc-4437-bd97-b309d6ae6a47?source=cve"
},
{
"url": "https://core.trac.wordpress.org/changeset/58471",
"refsource": "MISC",
"name": "https://core.trac.wordpress.org/changeset/58471"
},
{
"url": "https://wordpress.org/news/2024/06/wordpress-6-5-5/",
"refsource": "MISC",
"name": "https://wordpress.org/news/2024/06/wordpress-6-5-5/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Rafie Muhammad"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
"value": "** REJECT ** **REJECT** Accidental Reservation making this a duplicate. Please use CVE-2024-31111."
}
]
}

100
2024/6xxx/CVE-2024-6308.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6308",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269620."
},
{
"lang": "deu",
"value": "In itsourcecode Simple Online Hotel Reservation System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei index.php. Durch Beeinflussen des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "itsourcecode",
"product": {
"product_data": [
{
"product_name": "Simple Online Hotel Reservation System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.269620",
"refsource": "MISC",
"name": "https://vuldb.com/?id.269620"
},
{
"url": "https://vuldb.com/?ctiid.269620",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.269620"
},
{
"url": "https://vuldb.com/?submit.363955",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.363955"
},
{
"url": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_06_2024_a.md",
"refsource": "MISC",
"name": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_06_2024_a.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "N3xu5Cr4ck37 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

18
2024/6xxx/CVE-2024-6329.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6329",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6330.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6330",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}