admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-16 00:00:35 +00:00
parent ae53bf60cb
commit 3272769f2d
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
7 changed files with 762 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
2024/43xxx/CVE-2024-43369.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43369",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ibexa RichText Field Type is a Field Type for supporting rich formatted text stored in a structured XML format. In versions on the 4.6 branch prior to 4.6.10, the validator for the RichText fieldtype blocklists `javascript:` and `vbscript:` in links to prevent XSS. This can leave other options open, and the check can be circumvented using upper case. Content editing permissions for RichText content is required to exploit this vulnerability, which typically means Editor role or higher. The fix implements an allowlist instead, which allows only approved link protocols. The new check is case insensitive. Version 4.6.10 contains a patch for this issue. No known workarounds are available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ibexa",
"product": {
"product_data": [
{
"product_name": "fieldtype-richtext",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 4.6.0, < 4.6.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7",
"refsource": "MISC",
"name": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7"
},
{
"url": "https://github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-rhm7-7469-rcpw",
"refsource": "MISC",
"name": "https://github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-rhm7-7469-rcpw"
},
{
"url": "https://github.com/ibexa/fieldtype-richtext/commit/0a3b830e8806d5169f697351fdc48ffd95a25c67",
"refsource": "MISC",
"name": "https://github.com/ibexa/fieldtype-richtext/commit/0a3b830e8806d5169f697351fdc48ffd95a25c67"
},
{
"url": "https://github.com/ibexa/fieldtype-richtext/commit/59e9c1a9da60597f60cf7338bf289dccaa7e27ca",
"refsource": "MISC",
"name": "https://github.com/ibexa/fieldtype-richtext/commit/59e9c1a9da60597f60cf7338bf289dccaa7e27ca"
},
{
"url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext",
"refsource": "MISC",
"name": "https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext"
}
]
},
"source": {
"advisory": "GHSA-hvcf-6324-cjh7",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

81
2024/43xxx/CVE-2024-43370.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43370",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this flaw in the definition of plural forms."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "guillaumepotier",
"product": {
"product_data": [
{
"product_name": "gettext.js",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/guillaumepotier/gettext.js/security/advisories/GHSA-vwhg-jwr4-vxgg",
"refsource": "MISC",
"name": "https://github.com/guillaumepotier/gettext.js/security/advisories/GHSA-vwhg-jwr4-vxgg"
},
{
"url": "https://github.com/guillaumepotier/gettext.js/commit/8150aeba833183e14c2291a8a148b8f79d1d68d8",
"refsource": "MISC",
"name": "https://github.com/guillaumepotier/gettext.js/commit/8150aeba833183e14c2291a8a148b8f79d1d68d8"
}
]
},
"source": {
"advisory": "GHSA-vwhg-jwr4-vxgg",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

81
2024/43xxx/CVE-2024-43374.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vim",
"product": {
"product_data": [
{
"product_name": "vim",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 9.1.0678"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/vim/vim/security/advisories/GHSA-2w8m-443v-cgvw",
"refsource": "MISC",
"name": "https://github.com/vim/vim/security/advisories/GHSA-2w8m-443v-cgvw"
},
{
"url": "https://github.com/vim/vim/commit/0a6e57b09bc8c76691b367a5babfb79b31b770e8",
"refsource": "MISC",
"name": "https://github.com/vim/vim/commit/0a6e57b09bc8c76691b367a5babfb79b31b770e8"
}
]
},
"source": {
"advisory": "GHSA-2w8m-443v-cgvw",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}

96
2024/43xxx/CVE-2024-43378.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43378",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitions are encrypted; but the partitions containing either `/` or `/boot` are unencrypted; have their LUKS disk encryption key file in plain text either in `/crypto_keyfile.bin`, or in a CPIO archive attached to their NixOS initrd. `nixos-install` is not affected, nor are UEFI installations, nor was the default automatic partitioning configuration on legacy BIOS systems. The problem has been fixed in calamares-nixos-extensions 0.3.17, which was included in NixOS. The current installer images for the NixOS 24.05 and unstable (24.11) channels are unaffected. The fix reached 24.05 at 2024-08-13 20:06:59 UTC, and unstable at 2024-08-15 09:00:20 UTC. Installer images downloaded before those times may be vulnerable. The best solution for affected users is probably to back up their data and do a complete reinstallation. However, the mitigation procedure in GHSA-3rvf-24q2-24ww should work solely for the case where `/` is encrypted but `/boot` is not. If `/` is unencrypted, then the `/crypto_keyfile.bin` file will need to be deleted in addition to the remediation steps in the previous advisory. This issue is a partial regression of CVE-2023-36476 / GHSA-3rvf-24q2-24ww, which was more severe as it applied to the default configuration on BIOS systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password",
"cweId": "CWE-256"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NixOS",
"product": {
"product_data": [
{
"product_name": "calamares-nixos-extensions",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 0.3.17"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/NixOS/calamares-nixos-extensions/security/advisories/GHSA-vfxf-gpmj-2p25",
"refsource": "MISC",
"name": "https://github.com/NixOS/calamares-nixos-extensions/security/advisories/GHSA-vfxf-gpmj-2p25"
},
{
"url": "https://github.com/NixOS/calamares-nixos-extensions/security/advisories/GHSA-3rvf-24q2-24ww",
"refsource": "MISC",
"name": "https://github.com/NixOS/calamares-nixos-extensions/security/advisories/GHSA-3rvf-24q2-24ww"
},
{
"url": "https://github.com/NixOS/calamares-nixos-extensions/pull/43",
"refsource": "MISC",
"name": "https://github.com/NixOS/calamares-nixos-extensions/pull/43"
},
{
"url": "https://github.com/NixOS/nixpkgs/pull/331607",
"refsource": "MISC",
"name": "https://github.com/NixOS/nixpkgs/pull/331607"
},
{
"url": "https://github.com/NixOS/nixpkgs/pull/334252",
"refsource": "MISC",
"name": "https://github.com/NixOS/nixpkgs/pull/334252"
}
]
},
"source": {
"advisory": "GHSA-vfxf-gpmj-2p25",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
]
}

100
2024/7xxx/CVE-2024-7845.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/fetch_it.php. The manipulation of the argument request leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in SourceCodester Online Graduate Tracer System 1.0 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /tracking/admin/fetch_it.php. Dank Manipulation des Arguments request mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Graduate Tracer System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.274748",
"refsource": "MISC",
"name": "https://vuldb.com/?id.274748"
},
{
"url": "https://vuldb.com/?ctiid.274748",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.274748"
},
{
"url": "https://vuldb.com/?submit.391606",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.391606"
},
{
"url": "https://github.com/Wsstiger/cve/blob/main/Tracer_sql2.md",
"refsource": "MISC",
"name": "https://github.com/Wsstiger/cve/blob/main/Tracer_sql2.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Wsstiger (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

314
2024/7xxx/CVE-2024-7849.json
View File

@ -1,17 +1,323 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7849",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. This affects the function cgi_create_album of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument current_path leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Es wurde eine kritische Schwachstelle in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 bis 20240814 gefunden. Es betrifft die Funktion cgi_create_album der Datei /cgi-bin/photocenter_mgr.cgi. Durch Manipulieren des Arguments current_path mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "D-Link",
"product": {
"product_data": [
{
"product_name": "DNS-120",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNR-202L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-315L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-320",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-320L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-320LW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-321",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNR-322L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-323",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-325",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-326",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-327L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNR-326",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-340L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-343",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-345",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-726-4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-1100-4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-1200-05",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
},
{
"product_name": "DNS-1550-04",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240814"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.274755",
"refsource": "MISC",
"name": "https://vuldb.com/?id.274755"
},
{
"url": "https://vuldb.com/?ctiid.274755",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.274755"
},
{
"url": "https://vuldb.com/?submit.390113",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.390113"
},
{
"url": "https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_album.md",
"refsource": "MISC",
"name": "https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_album.md"
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383",
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383"
}
]
},
"credits": [
{
"lang": "en",
"value": "BuaaI0TTeam (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
}
]
}

18
2024/7xxx/CVE-2024-7870.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7870",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}