admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-10 00:00:37 +00:00
parent 9ceec662f4
commit 2e7391e1db
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 635 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2023/47xxx/CVE-2023-47996.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-47996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996",
"url": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996"
}
]
}

56
2023/47xxx/CVE-2023-47997.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-47997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997",
"url": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997"
}
]
}

66
2023/48xxx/CVE-2023-48655.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48655",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-48655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176"
},
{
"url": "https://github.com/MISP/MISP/commit/158c8b2f788b75e0d26e9249a75e1be291e59d4b",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/158c8b2f788b75e0d26e9249a75e1be291e59d4b"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-blind-sql-injection-in-array-input-parameters/",
"url": "https://zigrin.com/advisories/misp-blind-sql-injection-in-array-input-parameters/"
}
]
}

66
2023/48xxx/CVE-2023-48656.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48656",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-48656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176"
},
{
"url": "https://github.com/MISP/MISP/commit/d6ad402b31547c95280a6d8320f8f87a8f609074",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/d6ad402b31547c95280a6d8320f8f87a8f609074"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-blind-sql-injection-in-order-parameter/",
"url": "https://zigrin.com/advisories/misp-blind-sql-injection-in-order-parameter/"
}
]
}

66
2023/48xxx/CVE-2023-48657.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48657",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-48657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/compare/v2.4.175...v2.4.176"
},
{
"url": "https://github.com/MISP/MISP/commit/08bd23281ead288de678de666ef43ed6de1899fc",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/08bd23281ead288de678de666ef43ed6de1899fc"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-time-based-sql-injection-in-logs-index/",
"url": "https://zigrin.com/advisories/misp-time-based-sql-injection-in-logs-index/"
}
]
}

5
2023/48xxx/CVE-2023-48658.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/MISP/MISP/commit/168621521b57b2437331174186f84a6aa3e71f0d",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/168621521b57b2437331174186f84a6aa3e71f0d"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-time-based-sql-injection-in-logs-index/",
"url": "https://zigrin.com/advisories/misp-time-based-sql-injection-in-logs-index/"
}
]
}

5
2023/48xxx/CVE-2023-48659.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/MISP/MISP/commit/37ecf81b84a01baa4d4b1fade4de94a9018c32ed",
"refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/37ecf81b84a01baa4d4b1fade4de94a9018c32ed"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-reflected-cross-site-scripting-in-galaxies/",
"url": "https://zigrin.com/advisories/misp-reflected-cross-site-scripting-in-galaxies/"
}
]
}

127
2024/0xxx/CVE-2024-0354.json
View File

@ -1,17 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0354",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8. This issue affects some unknown processing of the file index.php. The manipulation of the argument f leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250121 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in unknown-o download-station bis 1.1.8 entdeckt. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei index.php. Durch die Manipulation des Arguments f mit unbekannten Daten kann eine path traversal: '../filedir'-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-24 Path Traversal: '../filedir'",
"cweId": "CWE-24"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "unknown-o",
"product": {
"product_data": [
{
"product_name": "download-station",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.0"
},
{
"version_affected": "=",
"version_value": "1.1.1"
},
{
"version_affected": "=",
"version_value": "1.1.2"
},
{
"version_affected": "=",
"version_value": "1.1.3"
},
{
"version_affected": "=",
"version_value": "1.1.4"
},
{
"version_affected": "=",
"version_value": "1.1.5"
},
{
"version_affected": "=",
"version_value": "1.1.6"
},
{
"version_affected": "=",
"version_value": "1.1.7"
},
{
"version_affected": "=",
"version_value": "1.1.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.250121",
"refsource": "MISC",
"name": "https://vuldb.com/?id.250121"
},
{
"url": "https://vuldb.com/?ctiid.250121",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.250121"
},
{
"url": "https://note.zhaoj.in/share/nHD5xiHQgHG0",
"refsource": "MISC",
"name": "https://note.zhaoj.in/share/nHD5xiHQgHG0"
}
]
},
"credits": [
{
"lang": "en",
"value": "glzjin (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

99
2024/0xxx/CVE-2024-0355.json
View File

@ -1,17 +1,108 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0355",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Affected is an unknown function of the file add-category.php. The manipulation of the argument category leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250122 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in PHPGurukul Dairy Farm Shop Management System bis 1.1 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei add-category.php. Durch Manipulation des Arguments category mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Dairy Farm Shop Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
},
{
"version_affected": "=",
"version_value": "1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.250122",
"refsource": "MISC",
"name": "https://vuldb.com/?id.250122"
},
{
"url": "https://vuldb.com/?ctiid.250122",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.250122"
},
{
"url": "https://medium.com/@heishou/dfsms-has-sql-injection-vulnerability-e9cfbc375be8",
"refsource": "MISC",
"name": "https://medium.com/@heishou/dfsms-has-sql-injection-vulnerability-e9cfbc375be8"
}
]
},
"credits": [
{
"lang": "en",
"value": "heishou (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

95
2024/0xxx/CVE-2024-0356.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0356",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250123."
},
{
"lang": "deu",
"value": "In Mandelo ssm_shiro_blog 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei updateRoles der Komponente Backend. Mittels dem Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mandelo",
"product": {
"product_data": [
{
"product_name": "ssm_shiro_blog",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.250123",
"refsource": "MISC",
"name": "https://vuldb.com/?id.250123"
},
{
"url": "https://vuldb.com/?ctiid.250123",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.250123"
},
{
"url": "https://medium.com/@heishou/ssm-has-a-vertical-override-vulnerability-8728da71842e",
"refsource": "MISC",
"name": "https://medium.com/@heishou/ssm-has-a-vertical-override-vulnerability-8728da71842e"
}
]
},
"credits": [
{
"lang": "en",
"value": "heishou (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

18
2024/0xxx/CVE-2024-0385.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0385",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0386.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}