admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-12-18 07:00:53 +00:00
parent 58a80a14a1
commit 56f8e5f472
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
18 changed files with 863 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2024/10xxx/CVE-2024-10892.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10892",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Cost Calculator Builder WordPress plugin before 3.2.43 does not have CSRF checks in some AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Cost Calculator Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.2.43"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/ff1f5b84-a8cf-4574-a713-53d35739c6cb/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/ff1f5b84-a8cf-4574-a713-53d35739c6cb/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Miguel Xavier Penha Neto"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

18
2024/12xxx/CVE-2024-12747.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12747",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

60
2024/1xxx/CVE-2024-1610.json
View File

@ -1,18 +1,70 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1610",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@oppo.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In OPPO Store APP, there's a possible escalation of privilege due to improper input validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OPPO",
"product": {
"product_data": [
{
"product_name": "OPPO Store APP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.32.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1869215920048840704",
"refsource": "MISC",
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1869215920048840704"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
}
}

89
2024/21xxx/CVE-2024-21546.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-21546",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE) through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution (RCE)",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "unisharp/laravel-filemanager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.9.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-PHP-UNISHARPLARAVELFILEMANAGER-7210316",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-PHP-UNISHARPLARAVELFILEMANAGER-7210316"
},
{
"url": "https://gist.github.com/ImHades101/338a06816ef97262ba632af9c78b78ca",
"refsource": "MISC",
"name": "https://gist.github.com/ImHades101/338a06816ef97262ba632af9c78b78ca"
},
{
"url": "https://github.com/UniSharp/laravel-filemanager/commit/8170760c0ae316d77b9363cd4c76ab68d3f63f0b",
"refsource": "MISC",
"name": "https://github.com/UniSharp/laravel-filemanager/commit/8170760c0ae316d77b9363cd4c76ab68d3f63f0b"
}
]
},
"credits": [
{
"lang": "en",
"value": "V\u00f5 Th\u00e0nh Nam"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P"
}
]
}

89
2024/21xxx/CVE-2024-21547.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-21547",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\\\\. An attacker could read any file on the server by exploiting the normalization of \\ into /."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "spatie/browsershot",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8501858",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8501858"
},
{
"url": "https://gist.github.com/chuajianshen/baa71db588cfc038fb5d65624a47be81",
"refsource": "MISC",
"name": "https://gist.github.com/chuajianshen/baa71db588cfc038fb5d65624a47be81"
},
{
"url": "https://github.com/spatie/browsershot/commit/dfc3635b83dd980e5c39f8f8c73e87723b99ca01",
"refsource": "MISC",
"name": "https://github.com/spatie/browsershot/commit/dfc3635b83dd980e5c39f8f8c73e87723b99ca01"
}
]
},
"credits": [
{
"lang": "en",
"value": "Jian Shen Chua"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P"
}
]
}

89
2024/21xxx/CVE-2024-21548.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-21548",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun's APIs that accept objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Prototype Pollution",
"cweId": "CWE-1321"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "bun",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.1.30"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-BUN-8499549",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-BUN-8499549"
},
{
"url": "https://github.com/oven-sh/bun/commit/a234e067a5dc7837602df3fb5489e826920cc65a",
"refsource": "MISC",
"name": "https://github.com/oven-sh/bun/commit/a234e067a5dc7837602df3fb5489e826920cc65a"
},
{
"url": "https://github.com/oven-sh/bun/pull/14119",
"refsource": "MISC",
"name": "https://github.com/oven-sh/bun/pull/14119"
}
]
},
"credits": [
{
"lang": "en",
"value": "Liran Tal - Snyk Research Team"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P"
}
]
}

66
2024/39xxx/CVE-2024-39703.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-39703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://threatq.freshdesk.com/helpdesk/tickets/10367",
"refsource": "MISC",
"name": "https://threatq.freshdesk.com/helpdesk/tickets/10367"
},
{
"url": "https://www.threatq.com/vulnerability-management/",
"refsource": "MISC",
"name": "https://www.threatq.com/vulnerability-management/"
},
{
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01"
}
]
}

6
2024/45xxx/CVE-2024-45841.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained."
"value": "Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained."
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Ver.2.1.8 and earlier"
"version_value": "firmware Ver.2.1.9 and earlier"
}
]
}
@ -52,7 +52,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Ver.2.1.8 and earlier"
"version_value": "firmware Ver.2.1.9 and earlier"
}
]
}

6
2024/47xxx/CVE-2024-47133.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands."
"value": "UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands."
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Ver.2.1.8 and earlier"
"version_value": "firmware Ver.2.1.9 and earlier"
}
]
}
@ -52,7 +52,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Ver.2.1.8 and earlier"
"version_value": "firmware Ver.2.1.9 and earlier"
}
]
}

80
2024/47xxx/CVE-2024-47397.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47397",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authentication may be bypassed with an undocumented specific string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak authentication",
"cweId": "CWE-1390"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "FXC Inc.",
"product": {
"product_data": [
{
"product_name": "AE1021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
},
{
"product_name": "AE1021PE",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.fxc.jp/news/20241213",
"refsource": "MISC",
"name": "https://www.fxc.jp/news/20241213"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91084137/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU91084137/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
]
}

100
2024/4xxx/CVE-2024-4464.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4464",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@synology.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows remote attackers to read specific files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authorization Bypass Through User-Controlled Key",
"cweId": "CWE-639"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Synology",
"product": {
"product_data": [
{
"product_name": "Media Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "*",
"status": "affected",
"lessThan": "2.0.5-3152",
"versionType": "semver"
},
{
"version": "*",
"status": "affected",
"lessThan": "2.2.0-3325",
"versionType": "semver"
},
{
"version": "*",
"status": "affected",
"lessThan": "1.4-2680",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_28",
"refsource": "MISC",
"name": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_28"
}
]
},
"credits": [
{
"lang": "en",
"value": "TEAM TGLS (Best of the Best 12th) (https://zrr.kr/SWND)"
}
],
"impact": {
"cvss": [
{
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"version": "3.1"
}
]
}

5
2024/53xxx/CVE-2024-53096.json
View File

@ -136,6 +136,11 @@
"url": "https://git.kernel.org/stable/c/5de195060b2e251a835f622759550e6202167641",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5de195060b2e251a835f622759550e6202167641"
},
{
"url": "https://project-zero.issues.chromium.org/issues/374117290",
"refsource": "MISC",
"name": "https://project-zero.issues.chromium.org/issues/374117290"
}
]
},

80
2024/53xxx/CVE-2024-53688.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53688",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper neutralization of special elements used in an OS command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "FXC Inc.",
"product": {
"product_data": [
{
"product_name": "AE1021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
},
{
"product_name": "AE1021PE",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.fxc.jp/news/20241213",
"refsource": "MISC",
"name": "https://www.fxc.jp/news/20241213"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91084137/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU91084137/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
]
}

80
2024/54xxx/CVE-2024-54457.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-54457",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to enable telnet service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inclusion of undocumented features or chicken bits",
"cweId": "CWE-1242"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "FXC Inc.",
"product": {
"product_data": [
{
"product_name": "AE1021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
},
{
"product_name": "AE1021PE",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware versions 2.0.10 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.fxc.jp/news/20241213",
"refsource": "MISC",
"name": "https://www.fxc.jp/news/20241213"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91084137/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU91084137/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
]
}

18
2024/56xxx/CVE-2024-56176.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/56xxx/CVE-2024-56177.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56177",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/56xxx/CVE-2024-56178.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56178",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/56xxx/CVE-2024-56179.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56179",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}