admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-11-29 07:00:31 +00:00
parent a2ff7c1f6b
commit 686e8c2732
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 814 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2024/10xxx/CVE-2024-10704.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10704",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Photo Gallery by 10Web WordPress plugin before 1.8.31 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Photo Gallery by 10Web",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.8.31"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/6c115117-11c0-4c9e-9988-8547c9364c01/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/6c115117-11c0-4c9e-9988-8547c9364c01/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

70
2024/10xxx/CVE-2024-10980.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10980",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.10.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/915daad8-d14c-4457-a3a0-aa21744f4ae0/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/915daad8-d14c-4457-a3a0-aa21744f4ae0/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

174
2024/11xxx/CVE-2024-11980.json
View File

@ -1,17 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11980",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information, modify the WiFi SSID, and restart the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8273-95a07-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8273-95a07-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8274-01e55-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8274-01e55-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411025",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.<br>For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.<br>For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.<br>"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

174
2024/11xxx/CVE-2024-11981.json
View File

@ -1,17 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11981",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing unautheticated attackers to retrive contents of arbitrary web pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"cweId": "CWE-288"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8275-50f42-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8275-50f42-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8276-1defb-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8276-1defb-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411026",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.<br>For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.<br>For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.<br>"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

174
2024/11xxx/CVE-2024-11982.json
View File

@ -1,17 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11982",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain models of routers from Billion Electric has a Plaintext Storage of a Password vulnerability. Remote attackers with administrator privileges can access the user settings page to retrieve plaintext passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256 Plaintext Storage of a Password",
"cweId": "CWE-256"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8277-88b20-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8277-88b20-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8278-cb581-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8278-cb581-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411027",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.<br>For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.<br>For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.<br>"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

174
2024/11xxx/CVE-2024-11983.json
View File

@ -1,17 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11983",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8279-bf67e-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8279-bf67e-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8280-ae6e1-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8280-ae6e1-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411028",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.<br>For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.<br>For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.<br>"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}