admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-10 20:01:06 +00:00
parent a063497ac2
commit 1dbc0d93c5
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
36 changed files with 409 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2021/46xxx/CVE-2021-46905.json
View File

@ -128,6 +128,21 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5871761c5f0f20d6e98bf3b6bd7486d857589554",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5871761c5f0f20d6e98bf3b6bd7486d857589554"
},
{
"url": "https://git.kernel.org/stable/c/0c71d4c89559f72cec2592d078681a843bce570e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c71d4c89559f72cec2592d078681a843bce570e"
},
{
"url": "https://git.kernel.org/stable/c/24b699bea7553fc0b98dad9d864befb6005ac7f1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/24b699bea7553fc0b98dad9d864befb6005ac7f1"
},
{
"url": "https://git.kernel.org/stable/c/5c17cfe155d21954b4c7e2a78fa771cebcd86725",
"refsource": "MISC",
@ -161,6 +176,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2021/46xxx/CVE-2021-46922.json
View File

@ -48,11 +48,6 @@
"version_name": "498b8fc1cdc1",
"version_value": "39c8d760d44c"
},
{
"version_affected": "<",
"version_name": "8c657a0590de",
"version_value": "9d5171eab462"
},
{
"version_affected": "<",
"version_name": "5.10.20",
@ -92,6 +87,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2021/47xxx/CVE-2021-47178.json
View File

@ -38,11 +38,6 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "008b936bbde3",
"version_value": "a222d2794c53"
},
{
"version_affected": "<",
"version_name": "1526d9f10c61",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2021/47xxx/CVE-2021-47179.json
View File

@ -68,11 +68,6 @@
"version_name": "7e65ea887d0c",
"version_value": "b090d110e666"
},
{
"version_affected": "<",
"version_name": "de144ff4234f",
"version_value": "a421d218603f"
},
{
"version_affected": "<",
"version_name": "4.9.269",
@ -152,6 +147,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

22
2023/52xxx/CVE-2023-52433.json
View File

@ -38,26 +38,6 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c357648929c8",
"version_value": "03caf75da105"
},
{
"version_affected": "<",
"version_name": "146c76866795",
"version_value": "c323ed65f66e"
},
{
"version_affected": "<",
"version_name": "479a2cf52593",
"version_value": "9af7dfb3c9d7"
},
{
"version_affected": "<",
"version_name": "df650d6a4bf4",
"version_value": "9a8c544158f6"
},
{
"version_affected": "<",
"version_name": "f6c383b8c31a",
@ -137,6 +117,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

21
2023/52xxx/CVE-2023-52525.json
View File

@ -40,44 +40,39 @@
"version_data": [
{
"version_affected": "<",
"version_name": "f517c97fc129",
"version_name": "a7a35f35b7a4",
"version_value": "71b1d2b57f14"
},
{
"version_affected": "<",
"version_name": "8824aa4ab62c",
"version_name": "68a1716869af",
"version_value": "16cc18b90808"
},
{
"version_affected": "<",
"version_name": "29eca8b7863d",
"version_name": "df1753eae74b",
"version_value": "b8e260654a29"
},
{
"version_affected": "<",
"version_name": "3fe3923d092e",
"version_name": "08a6e99a334d",
"version_value": "10a18c8bac7f"
},
{
"version_affected": "<",
"version_name": "7c54b6fc39eb",
"version_name": "89f19a9a055d",
"version_value": "5afb996349cb"
},
{
"version_affected": "<",
"version_name": "3975e21d4d01",
"version_name": "cde525d61178",
"version_value": "6b706286473d"
},
{
"version_affected": "<",
"version_name": "650d1bc02fba",
"version_name": "7be3bf0bb299",
"version_value": "be2ff39b1504"
},
{
"version_affected": "<",
"version_name": "119585281617",
"version_value": "aef7a0300047"
},
{
"version_affected": "<",
"version_name": "4.14.326",
@ -167,6 +162,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

4
2023/52xxx/CVE-2023-52563.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "e098989a9219",
"version_name": "50446ac34545",
"version_value": "66cb6d74f5a1"
},
{
@ -124,6 +124,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-851b3ed3d212"
}
}

8
2023/52xxx/CVE-2023-52575.json
View File

@ -40,17 +40,17 @@
"version_data": [
{
"version_affected": "<",
"version_name": "3f9b7101bea1",
"version_name": "8457fb5740b1",
"version_value": "ae806c74c063"
},
{
"version_affected": "<",
"version_name": "b35087763a44",
"version_name": "153f9a7b02d4",
"version_value": "13ea4b92e875"
},
{
"version_affected": "<",
"version_name": "ac41e90d8daa",
"version_name": "4f25355540ad",
"version_value": "adbcec23c842"
},
{
@ -145,6 +145,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-851b3ed3d212"
}
}

7
2023/52xxx/CVE-2023-52577.json
View File

@ -73,11 +73,6 @@
"version_name": "ec620c34f5fa",
"version_value": "1512d8f45d3c"
},
{
"version_affected": "<",
"version_name": "977ad86c2a1b",
"version_value": "6af289746a63"
},
{
"version_affected": "<",
"version_name": "4.14.326",
@ -167,6 +162,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

22
2023/52xxx/CVE-2023-52581.json
View File

@ -38,26 +38,6 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bbdb3b65aa91",
"version_value": "a995a68e8a3b"
},
{
"version_affected": "<",
"version_name": "448be0774882",
"version_value": "09c85f2d21ab"
},
{
"version_affected": "<",
"version_name": "d19e8bf3ea41",
"version_value": "ef99506eaf1d"
},
{
"version_affected": "<",
"version_name": "ea3eb9f2192e",
"version_value": "7e5d732e6902"
},
{
"version_affected": "<",
"version_name": "5f68718b34a5",
@ -137,6 +117,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2024/26xxx/CVE-2024-26626.json
View File

@ -53,11 +53,6 @@
"version_name": "7d97858e21fb",
"version_value": "2e8c9ae40add"
},
{
"version_affected": "<",
"version_name": "bb7403655b3c",
"version_value": "e622502c310f"
},
{
"version_affected": "<",
"version_name": "6.1.75",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2024/26xxx/CVE-2024-26639.json
View File

@ -53,11 +53,6 @@
"version_name": "3a01daace71b",
"version_value": "5a33420599fa"
},
{
"version_affected": "<",
"version_name": "5ec8e8ea8b77",
"version_value": "f6564fce256a"
},
{
"version_affected": "<",
"version_name": "6.1.76",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

20
2024/26xxx/CVE-2024-26643.json
View File

@ -40,12 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "d19e8bf3ea41",
"version_value": "291cca35818b"
},
{
"version_affected": "<",
"version_name": "ea3eb9f2192e",
"version_name": "1e4c03d530d8",
"version_value": "406b0241d0eb"
},
{
@ -67,12 +62,6 @@
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.154",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.84",
"lessThanOrEqual": "6.1.*",
@ -112,11 +101,6 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363"
},
{
"url": "https://git.kernel.org/stable/c/406b0241d0eb598a0b330ab20ae325537d8d8163",
"refsource": "MISC",
@ -140,6 +124,6 @@
]
},
"generator": {
"engine": "bippy-d175d3acf727"
"engine": "bippy-851b3ed3d212"
}
}

7
2024/26xxx/CVE-2024-26678.json
View File

@ -38,11 +38,6 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "686b58ce5052",
"version_value": "0a962f2fbaa9"
},
{
"version_affected": "<",
"version_name": "3e3eabe26dc8",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2024/26xxx/CVE-2024-26710.json
View File

@ -53,11 +53,6 @@
"version_name": "58f396513cb1",
"version_value": "b29b16bd836a"
},
{
"version_affected": "<",
"version_name": "18f14afe2816",
"version_value": "f1acb109505d"
},
{
"version_affected": "<",
"version_name": "6.1.75",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

12
2024/26xxx/CVE-2024-26731.json
View File

@ -52,6 +52,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.80",
"lessThanOrEqual": "6.1.*",
@ -114,6 +124,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-851b3ed3d212"
}
}

22
2024/26xxx/CVE-2024-26750.json
View File

@ -43,26 +43,6 @@
"version_name": "36f7371de977",
"version_value": "6c480d0f1318"
},
{
"version_affected": "<",
"version_name": "2a3d40b4025f",
"version_value": "c4c795b21dd2"
},
{
"version_affected": "<",
"version_name": "69e0f04460f4",
"version_value": "e9eac260369d"
},
{
"version_affected": "<",
"version_name": "cb8890318dde",
"version_value": "43ba9e331559"
},
{
"version_affected": "<",
"version_name": "25236c91b5ab",
"version_value": "aa82ac51d633"
},
{
"version_affected": "<",
"version_name": "5.15.149",
@ -107,6 +87,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

12
2024/26xxx/CVE-2024-26752.json
View File

@ -72,6 +72,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.308",
"lessThanOrEqual": "4.19.*",
@ -178,6 +188,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-851b3ed3d212"
}
}

12
2024/26xxx/CVE-2024-26753.json
View File

@ -52,6 +52,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
@ -125,6 +135,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-851b3ed3d212"
}
}

12
2024/26xxx/CVE-2024-26766.json
View File

@ -72,6 +72,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.308",
"lessThanOrEqual": "4.19.*",
@ -178,6 +188,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-851b3ed3d212"
}
}

12
2024/26xxx/CVE-2024-26780.json
View File

@ -38,11 +38,6 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4fe505c63aa3",
"version_value": "36f7371de977"
},
{
"version_affected": "<",
"version_name": "e0e09186d882",
@ -58,11 +53,6 @@
"version_name": "82ae47c5c3a6",
"version_value": "cb8890318dde"
},
{
"version_affected": "<",
"version_name": "1279f9d9dec2",
"version_value": "25236c91b5ab"
},
{
"version_affected": "<",
"version_name": "6.1.78",
@ -117,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2024/26xxx/CVE-2024-26781.json
View File

@ -63,11 +63,6 @@
"version_name": "298ac00da8e6",
"version_value": "d487e7ba1bc7"
},
{
"version_affected": "<",
"version_name": "b8adb69a7d29",
"version_value": "d6a9608af9a7"
},
{
"version_affected": "<",
"version_name": "5.10.211",
@ -137,6 +132,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

7
2024/26xxx/CVE-2024-26792.json
View File

@ -53,11 +53,6 @@
"version_name": "5a172344bfda",
"version_value": "c8ab7521665b"
},
{
"version_affected": "<",
"version_name": "e03ee2fe873e",
"version_value": "e2b54eaf28df"
},
{
"version_affected": "<",
"version_name": "6.1.79",
@ -107,6 +102,6 @@
]
},
"generator": {
"engine": "bippy-5f0117140d9a"
"engine": "bippy-7f0d2821bfb2"
}
}

12
2024/26xxx/CVE-2024-26798.json
View File

@ -52,6 +52,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
@ -125,6 +135,6 @@
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
"engine": "bippy-851b3ed3d212"
}
}

12
2024/26xxx/CVE-2024-26809.json
View File

@ -57,6 +57,16 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
@ -152,6 +162,6 @@
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
"engine": "bippy-851b3ed3d212"
}
}

2
2024/27xxx/CVE-2024-27575.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI."
"value": "Directory Traversal vulnerability in INOTEC Sicherheitstechnik GmbH INOTEC Sicherheitstechnik GmbH WebServer CPS220/64 V.3.3.19 allows a remote attacker to execute arbitrary code via the /etc/passwd file."
}
]
},

3
2024/29xxx/CVE-2024-29049.json
View File

@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "Spoofing"
}
]
}

3
2024/29xxx/CVE-2024-29981.json
View File

@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames",
"cweId": "CWE-1021"
"value": "Spoofing"
}
]
}

114
2024/31xxx/CVE-2024-31487.json
View File

@ -1,123 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31487",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiSandbox",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "4.4.0",
"version_value": "4.4.4"
},
{
"version_affected": "<=",
"version_name": "4.2.0",
"version_value": "4.2.6"
},
{
"version_affected": "<=",
"version_name": "4.0.0",
"version_value": "4.0.5"
},
{
"version_affected": "<=",
"version_name": "3.2.0",
"version_value": "3.2.4"
},
{
"version_affected": "<=",
"version_name": "3.1.0",
"version_value": "3.1.5"
},
{
"version_affected": "<=",
"version_name": "3.0.0",
"version_value": "3.0.7"
},
{
"version_affected": "<=",
"version_name": "2.5.0",
"version_value": "2.5.2"
},
{
"version_affected": "<=",
"version_name": "2.4.0",
"version_value": "2.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://fortiguard.com/psirt/FG-IR-24-060",
"refsource": "MISC",
"name": "https://fortiguard.com/psirt/FG-IR-24-060"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please upgrade to FortiSandbox version 4.4.5 or above \nPlease upgrade to FortiSandbox version 4.2.7 or above \n"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:F/RL:X/RC:X"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

84
2024/31xxx/CVE-2024-31492.json
View File

@ -1,93 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31492",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands",
"cweId": "CWE-73"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiClientMac",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.2.0",
"version_value": "7.2.3"
},
{
"version_affected": "<=",
"version_name": "7.0.6",
"version_value": "7.0.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-345",
"refsource": "MISC",
"name": "https://fortiguard.com/psirt/FG-IR-23-345"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please upgrade to FortiClientMac version 7.2.4 or above \nPlease upgrade to FortiClientMac version 7.0.11 or above \n"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:X/RC:X"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

2
2024/31xxx/CVE-2024-31498.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Yubico ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, when Edge is not used, allows privilege escalation because browser windows can open as Administrator."
"value": "ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, when Edge is not used, allows privilege escalation because browser windows can open as Administrator."
}
]
},

2
2024/3xxx/CVE-2024-3250.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was discovered that Pebble's read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2, and v1.7.4."
"value": "It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2, and v1.7.4."
}
]
},

2
2024/3xxx/CVE-2024-3296.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode."
"value": "A timing-based side-channel exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode."
}
]
},

95
2024/3xxx/CVE-2024-3314.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3314",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in SourceCodester Computer Laboratory Management System 1.0 gefunden. Davon betroffen ist unbekannter Code der Datei /classes/Users.php. Mittels dem Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Computer Laboratory Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.259385",
"refsource": "MISC",
"name": "https://vuldb.com/?id.259385"
},
{
"url": "https://vuldb.com/?ctiid.259385",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.259385"
},
{
"url": "https://vuldb.com/?submit.309526",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.309526"
}
]
},
"credits": [
{
"lang": "en",
"value": "k1ngd0m3 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

100
2024/3xxx/CVE-2024-3315.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3315",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file classes/user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259386 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in SourceCodester Computer Laboratory Management System 1.0 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Datei classes/user.php. Mittels Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Computer Laboratory Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.259386",
"refsource": "MISC",
"name": "https://vuldb.com/?id.259386"
},
{
"url": "https://vuldb.com/?ctiid.259386",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.259386"
},
{
"url": "https://vuldb.com/?submit.309575",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.309575"
},
{
"url": "https://github.com/adminininin/blob/blob/main/README.md",
"refsource": "MISC",
"name": "https://github.com/adminininin/blob/blob/main/README.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "k1ngd0m3 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

100
2024/3xxx/CVE-2024-3316.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3316",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259387."
},
{
"lang": "deu",
"value": "In SourceCodester Computer Laboratory Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Betroffen ist eine unbekannte Verarbeitung der Datei /admin/category/view_category.php. Durch das Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Computer Laboratory Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.259387",
"refsource": "MISC",
"name": "https://vuldb.com/?id.259387"
},
{
"url": "https://vuldb.com/?ctiid.259387",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.259387"
},
{
"url": "https://vuldb.com/?submit.309584",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.309584"
},
{
"url": "https://github.com/adminininin/blob/blob/main/2.md",
"refsource": "MISC",
"name": "https://github.com/adminininin/blob/blob/main/2.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "k1ngd0m3 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}