admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-01-27 23:00:59 +00:00
parent 2e05ba68ba
commit 55a35fd6ea
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
17 changed files with 771 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2024/13xxx/CVE-2024-13750.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13750",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13751.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13752.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13752",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13753.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2024/48xxx/CVE-2024-48662.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-48662",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-48662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (4778) and before allows an attacker to execute arbitrary code via a crafted payload to the fontMatrix component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/VuDuc09/vuln_research/tree/main/CVE-2024-48662",
"url": "https://github.com/VuDuc09/vuln_research/tree/main/CVE-2024-48662"
}
]
}

2
2024/51xxx/CVE-2024-51417.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue in System.Linq.Dynamic.Core Latest version v.1.4.6 allows remote access to properties on reflection types and static properties/fields."
"value": "An issue in System.Linq.Dynamic.Core before 1.6.0 allows remote access to properties on reflection types and static properties/fields."
}
]
},

56
2024/54xxx/CVE-2024-54728.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-54728",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-54728",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://gist.github.com/xu-yanbo202000460009/00dacd7bfede713a0f052a531da4fabd",
"url": "https://gist.github.com/xu-yanbo202000460009/00dacd7bfede713a0f052a531da4fabd"
}
]
}

56
2024/56xxx/CVE-2024-56178.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56178",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-56178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Couchbase Server 7.6.x through 7.6.3. A user with the security_admin_local role can create a new user in a group that has the admin role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.couchbase.com/alerts/",
"url": "https://www.couchbase.com/alerts/"
}
]
}

56
2024/56xxx/CVE-2024-56316.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56316",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-56316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.y-security.de/news-en/axess-auto-configuration-server-denial-of-service-cve-2024-56316/",
"url": "https://www.y-security.de/news-en/axess-auto-configuration-server-denial-of-service-cve-2024-56316/"
}
]
}

56
2024/57xxx/CVE-2024-57052.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57052",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://gist.github.com/yahaha9/720fb45bbebda62dc198568c8d275df8",
"url": "https://gist.github.com/yahaha9/720fb45bbebda62dc198568c8d275df8"
}
]
}

56
2024/57xxx/CVE-2024-57373.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57373",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/cypherdavy/CVE-2024-57373",
"url": "https://github.com/cypherdavy/CVE-2024-57373"
}
]
}

61
2024/57xxx/CVE-2024-57546.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57546",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Validate%20links%20SSRF.md",
"refsource": "MISC",
"name": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Validate%20links%20SSRF.md"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb",
"url": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb"
}
]
}

61
2024/57xxx/CVE-2024-57547.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57547",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Remote%20Code%20Execution%20via%20backup%20file%20editing.md",
"refsource": "MISC",
"name": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Remote%20Code%20Execution%20via%20backup%20file%20editing.md"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb",
"url": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb"
}
]
}

61
2024/57xxx/CVE-2024-57548.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57548",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CMSimple 5.16 allows the user to edit log.php file via print page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Broken%20Access%20Control%20to%20log.php.md",
"refsource": "MISC",
"name": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Broken%20Access%20Control%20to%20log.php.md"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb",
"url": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb"
}
]
}

61
2024/57xxx/CVE-2024-57549.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57549",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Sensitive%20information%20disclosure.md",
"refsource": "MISC",
"name": "https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Sensitive%20information%20disclosure.md"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb",
"url": "https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb"
}
]
}

176
2025/21xxx/CVE-2025-21600.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An Out-of-Bounds Read vulnerability in\n\nthe routing protocol daemon (rpd) of \n\n Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\n\n\nThis issue only affects systems configured in\n either of two ways:\n\n \n \n * systems with BGP traceoptions enabled\n\n * systems with BGP family traffic-engineering (BGP-LS)\n configured\n\n\n and can be exploited from a directly connected and configured BGP peer.\u00a0\n\nThis issue affects iBGP and eBGP \n\nwith \n\nany address family\n\n configured, and both IPv4 and IPv6 are affected by this vulnerability.\n\nThis issue affects:\n\nJunos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S9,\u00a0\n * from 22.2 before 22.2R3-S5,\u00a0\n * from 22.3 before 22.3R3-S4,\u00a0\n * from 22.4 before 22.4R3-S5,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2-S3,\u00a0\n * from 24.2 before 24.2R1-S2, 24.2R2;\u00a0\n\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S9-EVO,\u00a0\n * from 22.2 before 22.2R3-S5-EVO,\u00a0\n * from 22.3 before 22.3R3-S4-EVO,\u00a0\n * from 22.4 before 22.4R3-S5-EVO,\u00a0\n * from 23.2 before 23.2R2-S3-EVO,\u00a0\n * from 23.4 before 23.4R2-S2-EVO,\u00a0\n * from 24.2 before 24.2R1-S2-EVO, 24.2R2-EVO.\n\n\n\nThis is a similar, but different vulnerability than the issue reported as CVE-2024-39516."
"value": "An Out-of-Bounds Read vulnerability in\n\nthe routing protocol daemon (rpd) of \n\n Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\n\n\nThis issue only affects systems configured in\n either of two ways:\n\n \n \n * systems with BGP traceoptions enabled\n\n * systems with BGP family traffic-engineering (BGP-LS)\n configured\n\n\n and can be exploited from a directly connected and configured BGP peer.\u00a0\n\nThis issue affects iBGP and eBGP \n\nwith \n\nany address family\n\n configured, and both IPv4 and IPv6 are affected by this vulnerability.\n\nThis issue affects:\n\nJunos OS:\u00a0\n\n\n\n * \n\nfrom 21.4 before 21.4R3-S9,\u00a0\n * from 22.2 before 22.2R3-S5,\u00a0\n * from 22.3 before 22.3R3-S4,\u00a0\n * from 22.4 before 22.4R3-S5,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2-S3,\u00a0\n * from 24.2 before 24.2R1-S2, 24.2R2;\u00a0\n\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n * from 21.4-EVO before 21.4R3-S9-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S5-EVO,\u00a0\n * from 22.3-EVO before 22.3R3-S4-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S5-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-S2-EVO,\u00a0\n * from 24.2-EVO before 24.2R1-S2-EVO, 24.2R2-EVO.\n\n\nThis issue does not affect versions of Junos OS prior to 21.3R1.\n\n\nThis issue does not affect versions of Junos OS Evolved prior to 21.3R1-EVO.\n\n\n\nThis is a similar, but different vulnerability than the issue reported as CVE-2024-39516."
}
]
},
@ -40,39 +40,60 @@
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.4R3-S9"
},
{
"version_affected": "<",
"version_name": "22.2",
"version_value": "22.2R3-S5"
},
{
"version_affected": "<",
"version_name": "22.3",
"version_value": "22.3R3-S4"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S5"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2-S3"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2-S3"
},
{
"version_affected": "<",
"version_name": "24.2",
"version_value": "24.2R1-S2, 24.2R2"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "21.4R3-S9",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S5",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S4",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S5",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S3",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S2, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
},
{
"lessThan": "21.3R1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
}
]
}
@ -82,39 +103,60 @@
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.4R3-S9-EVO"
},
{
"version_affected": "<",
"version_name": "22.2",
"version_value": "22.2R3-S5-EVO"
},
{
"version_affected": "<",
"version_name": "22.3",
"version_value": "22.3R3-S4-EVO"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S5-EVO"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2-S3-EVO"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2-S2-EVO"
},
{
"version_affected": "<",
"version_name": "24.2",
"version_value": "24.2R1-S2-EVO, 24.2R2-EVO"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "21.4R3-S9-EVO",
"status": "affected",
"version": "21.4-EVO",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S5-EVO",
"status": "affected",
"version": "22.2-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S4-EVO",
"status": "affected",
"version": "22.3-EVO",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S5-EVO",
"status": "affected",
"version": "22.4-EVO",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3-EVO",
"status": "affected",
"version": "23.2-EVO",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S2-EVO",
"status": "affected",
"version": "23.4-EVO",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S2-EVO, 24.2R2-EVO",
"status": "affected",
"version": "24.2-EVO",
"versionType": "semver"
},
{
"lessThan": "21.3R1-EVO",
"status": "unaffected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
}
]
}

73
2025/24xxx/CVE-2025-24369.json
View File

@ -1,18 +1,83 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-24369",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (such as 42069), and then passes the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"cweId": "CWE-807"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Xe",
"product": {
"product_data": [
{
"product_name": "x",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< v1.11.0-37-gd98d70a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/Xe/x/security/advisories/GHSA-56w8-8ppj-2p4f",
"refsource": "MISC",
"name": "https://github.com/Xe/x/security/advisories/GHSA-56w8-8ppj-2p4f"
},
{
"url": "https://github.com/Xe/x/commit/7bd7b209f4f1b897de85ec8973458dc8be606a8b",
"refsource": "MISC",
"name": "https://github.com/Xe/x/commit/7bd7b209f4f1b897de85ec8973458dc8be606a8b"
},
{
"url": "https://github.com/Xe/x/commit/e09d0226a628f04b1d80fd83bee777894a45cd02",
"refsource": "MISC",
"name": "https://github.com/Xe/x/commit/e09d0226a628f04b1d80fd83bee777894a45cd02"
},
{
"url": "https://xeiaso.net/notes/2025/GHSA-56w8-8ppj-2p4f",
"refsource": "MISC",
"name": "https://xeiaso.net/notes/2025/GHSA-56w8-8ppj-2p4f"
}
]
},
"source": {
"advisory": "GHSA-56w8-8ppj-2p4f",
"discovery": "UNKNOWN"
}
}