admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-03-05 18:00:36 +00:00
parent 4b85b41380
commit 541e37347a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 518 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/43xxx/CVE-2023-43787.json
View File

@ -159,6 +159,11 @@
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/24/9"
},
{
"url": "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/",
"refsource": "MISC",
"name": "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/"
}
]
},

127
2024/22xxx/CVE-2024-22252.json
View File

@ -1,17 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22252",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.0 ",
"version_value": "ESXi80U2sb-23305545"
},
{
"version_affected": "<",
"version_name": "8.0",
"version_value": "ESXi80U1d-23299997"
},
{
"version_affected": "<",
"version_name": "7.0",
"version_value": "ESXi70U3p-23307199"
}
]
}
},
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.x",
"version_value": "17.5.1"
}
]
}
},
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.x",
"version_value": "13.5.1"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.x"
},
{
"version_affected": "=",
"version_value": "4.x"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

122
2024/22xxx/CVE-2024-22253.json
View File

@ -1,17 +1,131 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22253",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.0",
"version_value": "ESXi80U2sb-23305545"
},
{
"version_affected": "<",
"version_name": "7.0",
"version_value": "ESXi70U3p-23307199"
}
]
}
},
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.x",
"version_value": "17.5.1"
}
]
}
},
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.x",
"version_value": "13.5.1"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.x"
},
{
"version_affected": "=",
"version_value": "4.x"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

98
2024/22xxx/CVE-2024-22254.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22254",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi contains an out-of-bounds write vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.\n\n\n\n\n\n\n\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.0",
"version_value": "ESXi80U2sb-23305545"
},
{
"version_affected": "<",
"version_name": "7.0",
"version_value": "ESXi70U3p-23307199"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.x"
},
{
"version_affected": "=",
"version_value": "4.x"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
]
}

127
2024/22xxx/CVE-2024-22255.json
View File

@ -1,17 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22255",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller.\u00a0A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u00a0\u00a0\n\n\n\n\n\n\n\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.0 ",
"version_value": "ESXi80U2sb-23305545"
},
{
"version_affected": "<",
"version_name": "8.0",
"version_value": "ESXi80U1d-23299997"
},
{
"version_affected": "<",
"version_name": "7.0",
"version_value": "ESXi70U3p-23307199"
}
]
}
},
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.x",
"version_value": "17.5.1"
}
]
}
},
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.x",
"version_value": "13.5.1"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.x"
},
{
"version_affected": "=",
"version_value": "4.x"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

2
2024/22xxx/CVE-2024-22545.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows local unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function."
"value": "An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function. The attack can be launched remotely."
}
]
},

18
2024/2xxx/CVE-2024-2195.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2196.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}