admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-24 19:00:35 +00:00
parent 990df4c64b
commit 49d62c3eef
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 245 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
2018/5xxx/CVE-2018-5389.json
View File

@ -1,44 +1,12 @@
{
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2018-5389",
"STATE": "PUBLIC",
"TITLE": "Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Key Exchange Protocol",
"version": {
"version_data": [
{
"affected": "=",
"version_name": "Version 1",
"version_value": "Version 1 Main Mode"
}
]
}
}
]
},
"vendor_name": "Internet Engineering Task Force"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Martin Grothe, Joerg Schwenk, and Dennis Felsch of the Ruhr-University Bochum, and Adam Czubak and Marcin Szymanek of the University of Opole for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2018-5389",
"ASSIGNER": "cert@cert.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
@ -53,36 +21,73 @@
"description": [
{
"lang": "eng",
"value": "CWE-323"
"value": "CWE-521 Weak Password Requirements"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-323 Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "strongSwan",
"product": {
"product_data": [
{
"product_name": "Strongswan",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.5.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html",
"url": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf",
"refsource": "MISC",
"url": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html"
"name": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf"
},
{
"name": "VU#857035",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/857035"
"url": "https://www.kb.cert.org/vuls/id/857035",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/857035"
},
{
"name": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf",
"url": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html",
"refsource": "MISC",
"url": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf"
"name": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html"
},
{
"name": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key",
"url": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key",
"refsource": "MISC",
"url": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key"
"name": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key"
}
]
},
"generator": {
"engine": "VINCE 3.0.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2018-5389"
},
"source": {
"discovery": "UNKNOWN"
}

56
2021/45xxx/CVE-2021-45785.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45785",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-45785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack. The attacker must craft a webpage that would perform a GET request to the /api/v1/admin/restart endpoint, then the victim (who has sufficient privileges), would visit the page and the server restart would begin. The attacker must know the full URL that TruDesk is on in order to craft the webpage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://1d8.github.io/cves/cve_2021_45785/",
"url": "https://1d8.github.io/cves/cve_2021_45785/"
}
]
}

2
2022/26xxx/CVE-2022-26832.json
View File

@ -161,7 +161,7 @@
{
"version_affected": "<",
"version_name": "3.5.0",
"version_value": "50727.8962"
"version_value": "6.1.50727.8962"
}
]
}

56
2024/37xxx/CVE-2024-37732.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-37732",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-37732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitee.com/Aa272899/CHG-sec/issues/I9UO7X",
"refsource": "MISC",
"name": "https://gitee.com/Aa272899/CHG-sec/issues/I9UO7X"
}
]
}

18
2024/6xxx/CVE-2024-6289.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6290.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6291.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6292.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6292",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6293.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6293",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}