admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-11-21 20:00:30 +00:00
parent ab770671fc
commit 22b306998d
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
11 changed files with 430 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2024/11xxx/CVE-2024-11605.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11605",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/11xxx/CVE-2024-11606.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11606",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/11xxx/CVE-2024-11607.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11607",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

7
2024/49xxx/CVE-2024-49203.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Querydsl 5.1.0 allows SQL/HQL injection in orderBy in JPAQuery."
"value": "Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in orderBy in JPAQuery."
}
]
},
@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://github.com/querydsl/querydsl/issues/3757",
"url": "https://github.com/querydsl/querydsl/issues/3757"
},
{
"refsource": "MISC",
"name": "https://github.com/OpenFeign/querydsl/",
"url": "https://github.com/OpenFeign/querydsl/"
}
]
}

81
2024/49xxx/CVE-2024-49588.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49588",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve-coordination@palantir.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palantir",
"product": {
"product_data": [
{
"product_name": "com.palantir.srx.prometheus.sls-oracle-sidecar:sls-oracle-sidecar",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "*",
"version_value": "0.544.0"
},
{
"version_affected": "<",
"version_name": "0.347.0",
"version_value": "*"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://palantir.safebase.us/?tcuUid=b5724367-8b86-436a-8ef2-4480ec41cc2c",
"refsource": "MISC",
"name": "https://palantir.safebase.us/?tcuUid=b5724367-8b86-436a-8ef2-4480ec41cc2c"
},
{
"url": "https://cwe.mitre.org/data/definitions/89.html",
"refsource": "MISC",
"name": "https://cwe.mitre.org/data/definitions/89.html"
}
]
},
"source": {
"defect": [
"PLTRSEC-2024-46"
],
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"baseSeverity": "MEDIUM",
"baseScore": 6.8,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/MAV:A/MAC:L/MPR:H/MUI:R/MS:U",
"version": "3.1"
}
]
}

61
2024/51xxx/CVE-2024-51364.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-51364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute arbitrary code via uploading a crafted .xml file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://modbusmechanic.com",
"refsource": "MISC",
"name": "http://modbusmechanic.com"
},
{
"url": "https://github.com/Gelcon/PoC-ModbusMechanic-3.0-Insecure-Deserialization-and-RCE",
"refsource": "MISC",
"name": "https://github.com/Gelcon/PoC-ModbusMechanic-3.0-Insecure-Deserialization-and-RCE"
}
]
}

66
2024/51xxx/CVE-2024-51365.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51365",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-51365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows attackers to execute arbitrary code via uploading a crafted Zip file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://visicut.com",
"refsource": "MISC",
"name": "http://visicut.com"
},
{
"url": "https://download.visicut.org/",
"refsource": "MISC",
"name": "https://download.visicut.org/"
},
{
"url": "https://github.com/Gelcon/PoC-of-VisiCut2_1-Stack-Overflow-Vul",
"refsource": "MISC",
"name": "https://github.com/Gelcon/PoC-of-VisiCut2_1-Stack-Overflow-Vul"
}
]
}

66
2024/51xxx/CVE-2024-51366.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51366",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-51366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the component \\Roaming\\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://omegat.com",
"refsource": "MISC",
"name": "http://omegat.com"
},
{
"url": "https://github.com/Gelcon/PoCofOmegaTV6_0_1",
"refsource": "MISC",
"name": "https://github.com/Gelcon/PoCofOmegaTV6_0_1"
},
{
"url": "https://omegat.org/",
"refsource": "MISC",
"name": "https://omegat.org/"
}
]
}

61
2024/51xxx/CVE-2024-51367.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51367",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-51367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the component \\Users\\username.BlackBoard of BlackBoard v2.0.0.2 allows attackers to execute arbitrary code via uploading a crafted .xml file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://blackboard.com",
"refsource": "MISC",
"name": "http://blackboard.com"
},
{
"url": "https://github.com/Gelcon/PoCofBlackBoard2.0.0.2",
"refsource": "MISC",
"name": "https://github.com/Gelcon/PoCofBlackBoard2.0.0.2"
}
]
}

40
2024/8xxx/CVE-2024-8775.json
View File

@ -44,7 +44,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1.2.0-91",
"version": "3.0.1-96",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -86,7 +86,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.16.13-1",
"version": "2.12.10-54",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -113,12 +113,41 @@
}
},
{
"product_name": "Red Hat Ansible Automation Platform 2",
"product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:2.16.13-1.el8ap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:2.16.13-1.el9ap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -151,6 +180,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:8969"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9894",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:9894"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-8775",
"refsource": "MISC",

32
2024/9xxx/CVE-2024-9355.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:0.10-2.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -414,12 +435,6 @@
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -871,6 +886,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:10133",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:10133"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:7502",
"refsource": "MISC",