admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-17 16:00:32 +00:00
parent 79d8080314
commit 7853fae85c
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
31 changed files with 3072 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2023/46xxx/CVE-2023-46060.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-46060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md",
"refsource": "MISC",
"name": "https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md"
}
]
}

125
2023/52xxx/CVE-2023-52645.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52645",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "59b644b01cf4",
"version_value": "475426ad1ae0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.150",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.80",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438"
},
{
"url": "https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff"
},
{
"url": "https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25"
},
{
"url": "https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b"
},
{
"url": "https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

202
2024/1xxx/CVE-2024-1132.json
View File

@ -55,6 +55,55 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat build of Keycloak 22",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22.0.10-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-13",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-16",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat build of Keycloak 22.0.10",
"version": {
@ -68,6 +117,103 @@
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHEL-8 based Middleware Containers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6-46",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHSSO 7.6.8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Migration Toolkit for Applications 6",
"version": {
@ -94,19 +240,6 @@
]
}
},
{
"product_name": "Red Hat Build of Keycloak",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat build of Quarkus",
"version": {
@ -236,19 +369,6 @@
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -258,6 +378,36 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1860",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1860"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1861",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1861"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1862",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1862"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1864"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1866",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1866"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1867"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1868",
"refsource": "MISC",

202
2024/1xxx/CVE-2024-1249.json
View File

@ -55,6 +55,55 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat build of Keycloak 22",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22.0.10-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-13",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-16",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat build of Keycloak 22.0.10",
"version": {
@ -68,6 +117,103 @@
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHEL-8 based Middleware Containers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6-46",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHSSO 7.6.8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Migration Toolkit for Applications 6",
"version": {
@ -107,19 +253,6 @@
]
}
},
{
"product_name": "Red Hat Build of Keycloak",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Data Grid 8",
"version": {
@ -330,19 +463,6 @@
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -352,6 +472,36 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1860",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1860"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1861",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1861"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1862",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1862"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1864"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1866",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1866"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1867"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1868",
"refsource": "MISC",

135
2024/1xxx/CVE-2024-1635.json
View File

@ -909,6 +909,103 @@
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHEL-8 based Middleware Containers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6-46",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHSSO 7.6.8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "OpenShift Serverless",
"version": {
@ -1129,19 +1226,6 @@
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -1171,6 +1255,31 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1677"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1860",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1860"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1861",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1861"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1862",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1862"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1864"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1866",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1866"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1635",
"refsource": "MISC",

172
2024/26xxx/CVE-2024-26910.json
View File

@ -1,18 +1,182 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26910",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix performance regression in swap operation\n\nThe patch \"netfilter: ipset: fix race condition between swap/destroy\nand kernel side add/del/test\", commit 28628fa9 fixes a race condition.\nBut the synchronize_rcu() added to the swap function unnecessarily slows\nit down: it can safely be moved to destroy and use call_rcu() instead.\n\nEric Dumazet pointed out that simply calling the destroy functions as\nrcu callback does not work: sets with timeout use garbage collectors\nwhich need cancelling at destroy which can wait. Therefore the destroy\nfunctions are split into two: cancelling garbage collectors safely at\nexecuting the command received by netlink and moving the remaining\npart only into the rcu callback."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "427deb5ba566",
"version_value": "c7f2733e5011"
},
{
"version_affected": "<",
"version_name": "e7152a138a5a",
"version_value": "a24d5f2ac8ef"
},
{
"version_affected": "<",
"version_name": "8bb930c3a1ea",
"version_value": "c2dc077d8f72"
},
{
"version_affected": "<",
"version_name": "875ee3a09e27",
"version_value": "653bc5e6d999"
},
{
"version_affected": "<",
"version_name": "23c31036f862",
"version_value": "b93a6756a01f"
},
{
"version_affected": "<",
"version_name": "28628fa952fe",
"version_value": "970709a67696"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.269",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.210",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.149",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.79",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c7f2733e5011bfd136f1ca93497394d43aa76225",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c7f2733e5011bfd136f1ca93497394d43aa76225"
},
{
"url": "https://git.kernel.org/stable/c/a24d5f2ac8ef702a58e55ec276aad29b4bd97e05",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a24d5f2ac8ef702a58e55ec276aad29b4bd97e05"
},
{
"url": "https://git.kernel.org/stable/c/c2dc077d8f722a1c73a24e674f925602ee5ece49",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c2dc077d8f722a1c73a24e674f925602ee5ece49"
},
{
"url": "https://git.kernel.org/stable/c/653bc5e6d9995d7d5f497c665b321875a626161c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/653bc5e6d9995d7d5f497c665b321875a626161c"
},
{
"url": "https://git.kernel.org/stable/c/b93a6756a01f4fd2f329a39216f9824c56a66397",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b93a6756a01f4fd2f329a39216f9824c56a66397"
},
{
"url": "https://git.kernel.org/stable/c/970709a67696b100a57b33af1a3d75fc34b747eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/970709a67696b100a57b33af1a3d75fc34b747eb"
},
{
"url": "https://git.kernel.org/stable/c/97f7cf1cd80eeed3b7c808b7c12463295c751001",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/97f7cf1cd80eeed3b7c808b7c12463295c751001"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

92
2024/26xxx/CVE-2024-26911.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26911",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/buddy: Fix alloc_range() error handling code\n\nFew users have observed display corruption when they boot\nthe machine to KDE Plasma or playing games. We have root\ncaused the problem that whenever alloc_range() couldn't\nfind the required memory blocks the function was returning\nSUCCESS in some of the corner cases.\n\nThe right approach would be if the total allocated size\nis less than the required size, the function should\nreturn -ENOSPC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0a1844bf0b53",
"version_value": "4b59c3fada06"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4b59c3fada06e5e8010ef7700689c71986e667a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b59c3fada06e5e8010ef7700689c71986e667a2"
},
{
"url": "https://git.kernel.org/stable/c/8746c6c9dfa31d269c65dd52ab42fde0720b7d91",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8746c6c9dfa31d269c65dd52ab42fde0720b7d91"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

92
2024/26xxx/CVE-2024-26912.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26912",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix several DMA buffer leaks\n\nNouveau manages GSP-RM DMA buffers with nvkm_gsp_mem objects. Several of\nthese buffers are never dealloced. Some of them can be deallocated\nright after GSP-RM is initialized, but the rest need to stay until the\ndriver unloads.\n\nAlso futher bullet-proof these objects by poisoning the buffer and\nclearing the nvkm_gsp_mem object when it is deallocated. Poisoning\nthe buffer should trigger an error (or crash) from GSP-RM if it tries\nto access the buffer after we've deallocated it, because we were wrong\nabout when it is safe to deallocate.\n\nFinally, change the mem->size field to a size_t because that's the same\ntype that dma_alloc_coherent expects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "176fdcbddfd2",
"version_value": "6190d4c08897"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6190d4c08897d748dd25f0b78267a90aa1694e15",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6190d4c08897d748dd25f0b78267a90aa1694e15"
},
{
"url": "https://git.kernel.org/stable/c/042b5f83841fbf7ce39474412db3b5e4765a7ea7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/042b5f83841fbf7ce39474412db3b5e4765a7ea7"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

82
2024/26xxx/CVE-2024-26913.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26913",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue\n\n[why]\nodm calculation is missing for pipe split policy determination\nand cause Underflow/Corruption issue.\n\n[how]\nAdd the odm calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "cdbe0be8874c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cdbe0be8874c63bca85b8c38e5b1eecbdd18df31",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdbe0be8874c63bca85b8c38e5b1eecbdd18df31"
},
{
"url": "https://git.kernel.org/stable/c/faf51b201bc42adf500945732abb6220c707d6f3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/faf51b201bc42adf500945732abb6220c707d6f3"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

82
2024/26xxx/CVE-2024-26914.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26914",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix incorrect mpc_combine array size\n\n[why]\nMAX_SURFACES is per stream, while MAX_PLANES is per asic. The\nmpc_combine is an array that records all the planes per asic. Therefore\nMAX_PLANES should be used as the array size. Using MAX_SURFACES causes\narray overflow when there are more than 3 planes.\n\n[how]\nUse the MAX_PLANES for the mpc_combine array size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "0bd8ef618a42"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0bd8ef618a42d7e6ea3f701065264e15678025e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0bd8ef618a42d7e6ea3f701065264e15678025e3"
},
{
"url": "https://git.kernel.org/stable/c/39079fe8e660851abbafa90cd55cbf029210661f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39079fe8e660851abbafa90cd55cbf029210661f"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

115
2024/26xxx/CVE-2024-26915.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26915",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Reset IH OVERFLOW_CLEAR bit\n\nAllows us to detect subsequent IH ring buffer overflows as well."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "9a9d00c23d17"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.152",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.82",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1"
},
{
"url": "https://git.kernel.org/stable/c/a28f4d1e0bed85943d309ac243fd1c200f8af9a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a28f4d1e0bed85943d309ac243fd1c200f8af9a2"
},
{
"url": "https://git.kernel.org/stable/c/8983397951b4b0bd51bb4b4ba9749424e1ccbb70",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8983397951b4b0bd51bb4b4ba9749424e1ccbb70"
},
{
"url": "https://git.kernel.org/stable/c/2827633c9dab6304ec4cdbf369363219832e605d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2827633c9dab6304ec4cdbf369363219832e605d"
},
{
"url": "https://git.kernel.org/stable/c/7330256268664ea0a7dd5b07a3fed363093477dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7330256268664ea0a7dd5b07a3fed363093477dd"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

140
2024/26xxx/CVE-2024-26916.json
View File

@ -1,18 +1,150 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26916",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd: flush any delayed gfxoff on suspend entry\"\n\ncommit ab4750332dbe (\"drm/amdgpu/sdma5.2: add begin/end_use ring\ncallbacks\") caused GFXOFF control to be used more heavily and the\ncodepath that was removed from commit 0dee72639533 (\"drm/amd: flush any\ndelayed gfxoff on suspend entry\") now can be exercised at suspend again.\n\nUsers report that by using GNOME to suspend the lockscreen trigger will\ncause SDMA traffic and the system can deadlock.\n\nThis reverts commit 0dee726395333fea833eaaf838bc80962df886c8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f94942885e84",
"version_value": "65158edb0a3a"
},
{
"version_affected": "<",
"version_name": "78b2ba39beef",
"version_value": "ff70e6ff6fc2"
},
{
"version_affected": "<",
"version_name": "3aae4ef4d799",
"version_value": "caa2565a2e13"
},
{
"version_affected": "<",
"version_name": "ab4750332dbe",
"version_value": "d855ceb6a5fd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.149",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.79",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/65158edb0a3a8df23197d52cd24287e39eaf95d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65158edb0a3a8df23197d52cd24287e39eaf95d6"
},
{
"url": "https://git.kernel.org/stable/c/ff70e6ff6fc2413caf33410af7462d1f584d927e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff70e6ff6fc2413caf33410af7462d1f584d927e"
},
{
"url": "https://git.kernel.org/stable/c/caa2565a2e13899be31f7b1e069e6465d3e2adb0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/caa2565a2e13899be31f7b1e069e6465d3e2adb0"
},
{
"url": "https://git.kernel.org/stable/c/d855ceb6a5fde668c5431156bc60fae0cc52b764",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d855ceb6a5fde668c5431156bc60fae0cc52b764"
},
{
"url": "https://git.kernel.org/stable/c/916361685319098f696b798ef1560f69ed96e934",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/916361685319098f696b798ef1560f69ed96e934"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

183
2024/26xxx/CVE-2024-26917.json
View File

@ -1,18 +1,193 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: Revert \"scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock\"\n\nThis reverts commit 1a1975551943f681772720f639ff42fbaa746212.\n\nThis commit causes interrupts to be lost for FCoE devices, since it changed\nsping locks from \"bh\" to \"irqsave\".\n\nInstead, a work queue should be used, and will be addressed in a separate\ncommit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "264eae2f523d",
"version_value": "94a600226b6d"
},
{
"version_affected": "<",
"version_name": "d2bf25674cea",
"version_value": "2209fc6e3d77"
},
{
"version_affected": "<",
"version_name": "9cce8ef7a6fa",
"version_value": "7d4e19f7ff64"
},
{
"version_affected": "<",
"version_name": "076fb40cf27a",
"version_value": "5b8f473c4de9"
},
{
"version_affected": "<",
"version_name": "5a5fb3b1754f",
"version_value": "6bb22ac1d11d"
},
{
"version_affected": "<",
"version_name": "1a1975551943",
"version_value": "2996c7e97ea7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.307",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.269",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.210",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.149",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.79",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/94a600226b6d0ef065ee84024b450b566c5a87d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/94a600226b6d0ef065ee84024b450b566c5a87d6"
},
{
"url": "https://git.kernel.org/stable/c/2209fc6e3d7727d787dc6ef9baa1e9eae6b1295b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2209fc6e3d7727d787dc6ef9baa1e9eae6b1295b"
},
{
"url": "https://git.kernel.org/stable/c/7d4e19f7ff644c5b79e8271df8ac2e549b436a5b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d4e19f7ff644c5b79e8271df8ac2e549b436a5b"
},
{
"url": "https://git.kernel.org/stable/c/5b8f473c4de95c056c1c767b1ad48c191544f6a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5b8f473c4de95c056c1c767b1ad48c191544f6a5"
},
{
"url": "https://git.kernel.org/stable/c/6bb22ac1d11d7d20f91e7fd2e657a9e5f6db65e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6bb22ac1d11d7d20f91e7fd2e657a9e5f6db65e0"
},
{
"url": "https://git.kernel.org/stable/c/2996c7e97ea7cf4c1838a1b1dbc0885934113783",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2996c7e97ea7cf4c1838a1b1dbc0885934113783"
},
{
"url": "https://git.kernel.org/stable/c/25675159040bffc7992d5163f3f33ba7d0142f21",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/25675159040bffc7992d5163f3f33ba7d0142f21"
},
{
"url": "https://git.kernel.org/stable/c/977fe773dcc7098d8eaf4ee6382cb51e13e784cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/977fe773dcc7098d8eaf4ee6382cb51e13e784cb"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2024/26xxx/CVE-2024-26918.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26918",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix active state requirement in PME polling\n\nThe commit noted in fixes added a bogus requirement that runtime PM managed\ndevices need to be in the RPM_ACTIVE state for PME polling. In fact, only\ndevices in low power states should be polled.\n\nHowever there's still a requirement that the device config space must be\naccessible, which has implications for both the current state of the polled\ndevice and the parent bridge, when present. It's not sufficient to assume\nthe bridge remains in D0 and cases have been observed where the bridge\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\n\nTherefore, since the bridge is already effectively required to be in the\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\nto maintain the state while polling the subordinate device.\n\nThis resolves a regression reported in the bugzilla below where a\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\ndownstream of a bridge in a D3hot power state."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d3fcd7360338",
"version_value": "63b1a3d9dd3b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583"
},
{
"url": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b"
},
{
"url": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/26xxx/CVE-2024-26919.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26919",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: Fix debugfs directory leak\n\nThe ULPI per-device debugfs root is named after the ulpi device's\nparent, but ulpi_unregister_interface tries to remove a debugfs\ndirectory named after the ulpi device itself. This results in the\ndirectory sticking around and preventing subsequent (deferred) probes\nfrom succeeding. Change the directory name to match the ulpi device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bd0a0a024f2a",
"version_value": "d31b886ed6a5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.79",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6"
},
{
"url": "https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b"
},
{
"url": "https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3"
},
{
"url": "https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

168
2024/26xxx/CVE-2024-26920.json
View File

@ -1,18 +1,178 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26920",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/trigger: Fix to return error if failed to alloc snapshot\n\nFix register_snapshot_trigger() to return error code if it failed to\nallocate a snapshot instead of 0 (success). Unless that, it will register\nsnapshot trigger without an error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "57f2a2ad73e9",
"version_value": "bcf4a115a506"
},
{
"version_affected": "<",
"version_name": "0026e356e51a",
"version_value": "8ffd5590f4d6"
},
{
"version_affected": "<",
"version_name": "0bbe7f719985",
"version_value": "56cfbe607107"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.307",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.269",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.210",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.149",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.79",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.18",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.6",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bcf4a115a5068f3331fafb8c176c1af0da3d8b19",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bcf4a115a5068f3331fafb8c176c1af0da3d8b19"
},
{
"url": "https://git.kernel.org/stable/c/8ffd5590f4d6ef5460acbeac7fbdff7025f9b419",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ffd5590f4d6ef5460acbeac7fbdff7025f9b419"
},
{
"url": "https://git.kernel.org/stable/c/56cfbe60710772916a5ba092c99542332b48e870",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/56cfbe60710772916a5ba092c99542332b48e870"
},
{
"url": "https://git.kernel.org/stable/c/b5085b5ac1d96ea2a8a6240f869655176ce44197",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5085b5ac1d96ea2a8a6240f869655176ce44197"
},
{
"url": "https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398"
},
{
"url": "https://git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b"
},
{
"url": "https://git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b"
},
{
"url": "https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

43
2024/2xxx/CVE-2024-2419.json
View File

@ -56,12 +56,48 @@
"product": {
"product_data": [
{
"product_name": "Red Hat Build of Keycloak",
"product_name": "Red Hat build of Keycloak 22",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22.0.10-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-13",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-16",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -76,6 +112,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:1867"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-2419",
"refsource": "MISC",

445
2024/30xxx/CVE-2024-30253.json
View File

@ -1,17 +1,454 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30253",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "@solana/web3.js is the Solana JavaScript SDK. Using particular inputs with `@solana/web3.js` will result in memory exhaustion (OOM). If you have a server, client, mobile, or desktop product that accepts untrusted input for use with `@solana/web3.js`, your application/service may crash, resulting in a loss of availability. This vulnerability is fixed in 1.0.1, 1.10.2, 1.11.1, 1.12.1, 1.1.2, 1.13.1, 1.14.1, 1.15.1, 1.16.2, 1.17.1, 1.18.1, 1.19.1, 1.20.3, 1.21.1, 1.22.1, 1.23.1, 1.24.3, 1.25.1, 1.26.1, 1.27.1, 1.28.1, 1.2.8, 1.29.4, 1.30.3, 1.31.1, 1.3.1, 1.32.3, 1.33.1, 1.34.1, 1.35.2, 1.36.1, 1.37.3, 1.38.1, 1.39.2, 1.40.2, 1.41.11, 1.4.1, 1.42.1, 1.43.7, 1.44.4, 1.45.1, 1.46.1, 1.47.5, 1.48.1, 1.49.1, 1.50.2, 1.51.1, 1.5.1, 1.52.1, 1.53.1, 1.54.2, 1.55.1, 1.56.3, 1.57.1, 1.58.1, 1.59.2, 1.60.1, 1.61.2, 1.6.1, 1.62.2, 1.63.2, 1.64.1, 1.65.1, 1.66.6, 1.67.3, 1.68.2, 1.69.1, 1.70.4, 1.71.1, 1.72.1, 1.7.2, 1.73.5, 1.74.1, 1.75.1, 1.76.1, 1.77.4, 1.78.8, 1.79.1, 1.80.1, 1.81.1, 1.8.1, 1.82.1, 1.83.1, 1.84.1, 1.85.1, 1.86.1, 1.87.7, 1.88.1, 1.89.2, 1.90.2, 1.9.2, and 1.91.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "solana-labs",
"product": {
"product_data": [
{
"product_name": "solana-web3.js",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.91.0, < 1.91.3"
},
{
"version_affected": "=",
"version_value": ">= 1.90, < 1.90.2"
},
{
"version_affected": "=",
"version_value": ">= 1.89, < 1.89.2"
},
{
"version_affected": "=",
"version_value": "= 1.88.0"
},
{
"version_affected": "=",
"version_value": ">=1.87.0, < 1.87.7"
},
{
"version_affected": "=",
"version_value": "= 1.86.0"
},
{
"version_affected": "=",
"version_value": "= 1.85.0"
},
{
"version_affected": "=",
"version_value": "= 1.84.0"
},
{
"version_affected": "=",
"version_value": "= 1.83.0"
},
{
"version_affected": "=",
"version_value": "= 1.82.0"
},
{
"version_affected": "=",
"version_value": "= 1.81.0"
},
{
"version_affected": "=",
"version_value": "= 1.80.0"
},
{
"version_affected": "=",
"version_value": "= 1.79.0"
},
{
"version_affected": "=",
"version_value": ">= 1.78, < 1.78.8"
},
{
"version_affected": "=",
"version_value": ">= 1.77, < 1.77.4"
},
{
"version_affected": "=",
"version_value": "= 1.76.0"
},
{
"version_affected": "=",
"version_value": "= 1.75.0"
},
{
"version_affected": "=",
"version_value": "= 1.74.0"
},
{
"version_affected": "=",
"version_value": ">= 1.73.0, < 1.73.5"
},
{
"version_affected": "=",
"version_value": "= 1.72.0"
},
{
"version_affected": "=",
"version_value": "= 1.71.0"
},
{
"version_affected": "=",
"version_value": ">= 1.70.0, < 1.70.4"
},
{
"version_affected": "=",
"version_value": "= 1.69.0"
},
{
"version_affected": "=",
"version_value": ">= 1.68.0, < 1.68.2"
},
{
"version_affected": "=",
"version_value": ">= 1.67.0, < 1.67.3"
},
{
"version_affected": "=",
"version_value": ">= 1.66.0, < 1.66.6"
},
{
"version_affected": "=",
"version_value": "= 1.65.0"
},
{
"version_affected": "=",
"version_value": "= 1.64.0"
},
{
"version_affected": "=",
"version_value": ">= 1.63.0, < 1.63.2"
},
{
"version_affected": "=",
"version_value": ">= 1.62.0, < 1.62.2"
},
{
"version_affected": "=",
"version_value": ">= 1.61.0, < 1.61.2"
},
{
"version_affected": "=",
"version_value": "= 1.60.0"
},
{
"version_affected": "=",
"version_value": ">= 1.59.0, < 1.59.2"
},
{
"version_affected": "=",
"version_value": "= 1.58.0"
},
{
"version_affected": "=",
"version_value": "= 1.57.0"
},
{
"version_affected": "=",
"version_value": ">= 1.56.0, < 1.56.3"
},
{
"version_affected": "=",
"version_value": "= 1.55.0"
},
{
"version_affected": "=",
"version_value": ">= 1.54.0, < 1.54.2"
},
{
"version_affected": "=",
"version_value": "= 1.53.0"
},
{
"version_affected": "=",
"version_value": "= 1.52.0"
},
{
"version_affected": "=",
"version_value": "= 1.51.0"
},
{
"version_affected": "=",
"version_value": ">= 1.50.0, < 1.50.2"
},
{
"version_affected": "=",
"version_value": "= 1.49.0"
},
{
"version_affected": "=",
"version_value": "= 1.48.0"
},
{
"version_affected": "=",
"version_value": ">= 1.47.0, < 1.47.5"
},
{
"version_affected": "=",
"version_value": "= 1.46.0"
},
{
"version_affected": "=",
"version_value": "= 1.45.0"
},
{
"version_affected": "=",
"version_value": ">= 1.44.0, < 1.44.4"
},
{
"version_affected": "=",
"version_value": ">= 1.43.0, < 1.43.7"
},
{
"version_affected": "=",
"version_value": "= 1.42.0"
},
{
"version_affected": "=",
"version_value": ">= 1.41.0, < 1.41.11"
},
{
"version_affected": "=",
"version_value": ">= 1.40.0, < 1.40.2"
},
{
"version_affected": "=",
"version_value": ">= 1.39.0, < 1.39.2"
},
{
"version_affected": "=",
"version_value": "= 1.38.0"
},
{
"version_affected": "=",
"version_value": ">= 1.37.0, < 1.37.3"
},
{
"version_affected": "=",
"version_value": "= 1.36.0"
},
{
"version_affected": "=",
"version_value": ">= 1.35.0, < 1.35.2"
},
{
"version_affected": "=",
"version_value": "= 1.34.0"
},
{
"version_affected": "=",
"version_value": "= 1.33.0"
},
{
"version_affected": "=",
"version_value": ">= 1.32.0, < 1.32.2"
},
{
"version_affected": "=",
"version_value": "= 1.31.0"
},
{
"version_affected": "=",
"version_value": ">= 1.30.0, < 1.30.3"
},
{
"version_affected": "=",
"version_value": ">= 1.29.0, < 1.29.4"
},
{
"version_affected": "=",
"version_value": "= 1.28.0"
},
{
"version_affected": "=",
"version_value": "= 1.27.0"
},
{
"version_affected": "=",
"version_value": "= 1.26.0"
},
{
"version_affected": "=",
"version_value": "= 1.25.0"
},
{
"version_affected": "=",
"version_value": ">= 1.24.0, < 1.24.3"
},
{
"version_affected": "=",
"version_value": "= 1.23.0"
},
{
"version_affected": "=",
"version_value": "= 1.22.0"
},
{
"version_affected": "=",
"version_value": "= 1.21.0"
},
{
"version_affected": "=",
"version_value": ">= 1.20.0, < 1.20.3"
},
{
"version_affected": "=",
"version_value": "= 1.19.0"
},
{
"version_affected": "=",
"version_value": "= 1.18.0"
},
{
"version_affected": "=",
"version_value": "= 1.17.0"
},
{
"version_affected": "=",
"version_value": ">= 1.16.0, < 1.16.2"
},
{
"version_affected": "=",
"version_value": "= 1.15.0"
},
{
"version_affected": "=",
"version_value": "= 1.14.0"
},
{
"version_affected": "=",
"version_value": "= 1.13.0"
},
{
"version_affected": "=",
"version_value": "= 1.12.0"
},
{
"version_affected": "=",
"version_value": "= 1.11.0"
},
{
"version_affected": "=",
"version_value": ">= 1.10.0, < 1.10.2"
},
{
"version_affected": "=",
"version_value": " >= 1.9.0, < 1.9.2"
},
{
"version_affected": "=",
"version_value": "= 1.8.0"
},
{
"version_affected": "=",
"version_value": ">= 1.7.0, < 1.7.2"
},
{
"version_affected": "=",
"version_value": "= 1.6.0"
},
{
"version_affected": "=",
"version_value": "= 1.5.0"
},
{
"version_affected": "=",
"version_value": "= 1.4.0"
},
{
"version_affected": "=",
"version_value": "= 1.3.0"
},
{
"version_affected": "=",
"version_value": ">= 1.2.0, < 1.2.8"
},
{
"version_affected": "=",
"version_value": ">= 1.1.0, < 1.1.2"
},
{
"version_affected": "=",
"version_value": "< 1.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347",
"refsource": "MISC",
"name": "https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347"
},
{
"url": "https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0",
"refsource": "MISC",
"name": "https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0"
}
]
},
"source": {
"advisory": "GHSA-8m45-2rjm-j347",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

56
2024/30xxx/CVE-2024-30979.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30979",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-30979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to execute arbitrary code via the compname parameter in edit-computer-details.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@shanunirwan/cve-2024-30979-stored-cross-site-scripting-xss-in-cyber-cafe-management-system-project-ccms-1-44b10f50817b",
"url": "https://medium.com/@shanunirwan/cve-2024-30979-stored-cross-site-scripting-xss-in-cyber-cafe-management-system-project-ccms-1-44b10f50817b"
}
]
}

86
2024/31xxx/CVE-2024-31463.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31463",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the `IRONIC_REVERSE_PROXY_SETUP` variable set to `true`, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2) Ironic listens in host network on a private port 6388 on localhost by default. As a result, when the reverse proxy mode is used, any Pod or local Unix user on the control plane Node can access the Ironic API on the private port without authentication. A similar problem affects Ironic Inspector (`INSPECTOR_REVERSE_PROXY_SETUP` set to `true`), although the attack potential is smaller there. This issue affects operators deploying ironic-image in the reverse proxy mode, which is the recommended mode when TLS is used (also recommended), with the `IRONIC_PRIVATE_PORT` variable unset or set to a numeric value. In this case, an attacker with enough privileges to launch a pod on the control plane with host networking can access Ironic API and use it to modify bare-metal machine, e.g. provision them with a new image or change their BIOS settings. This vulnerability is fixed in 24.1.1. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"cweId": "CWE-288"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "metal3-io",
"product": {
"product_data": [
{
"product_name": "ironic-image",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 24.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/metal3-io/ironic-image/security/advisories/GHSA-g2cm-9v5f-qg7r",
"refsource": "MISC",
"name": "https://github.com/metal3-io/ironic-image/security/advisories/GHSA-g2cm-9v5f-qg7r"
},
{
"url": "https://github.com/metal3-io/ironic-image/pull/494",
"refsource": "MISC",
"name": "https://github.com/metal3-io/ironic-image/pull/494"
},
{
"url": "https://github.com/metal3-io/ironic-image/commit/48e40bd30d49aefabac6fc80204a8650b13d10b4",
"refsource": "MISC",
"name": "https://github.com/metal3-io/ironic-image/commit/48e40bd30d49aefabac6fc80204a8650b13d10b4"
}
]
},
"source": {
"advisory": "GHSA-g2cm-9v5f-qg7r",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

56
2024/32xxx/CVE-2024-32303.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32303",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-32303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromWizardHandle.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromWizardHandle.md"
}
]
}

56
2024/32xxx/CVE-2024-32305.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32305",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-32305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromWizardHandle.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromWizardHandle.md"
}
]
}

56
2024/32xxx/CVE-2024-32316.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32316",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-32316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability in the fromDhcpListClient function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromDhcpListClient_list1.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromDhcpListClient_list1.md"
}
]
}

56
2024/32xxx/CVE-2024-32318.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32318",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-32318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the vlan parameter in the formSetVlanInfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromSetVlanInfo_vlan.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromSetVlanInfo_vlan.md"
}
]
}

56
2024/32xxx/CVE-2024-32320.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32320",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-32320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the timeZone parameter in the formSetTimeZone function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formSetTimeZone.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formSetTimeZone.md"
}
]
}

115
2024/32xxx/CVE-2024-32463.json
View File

@ -1,17 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32463",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The filter to detect and prevent the use of the `javascript:` URL scheme in the `href` attribute of an `<a>` tag could be bypassed with tab `\\t` or newline `\\n` characters between the characters of the protocol, e.g. `java\\tscript:`. This vulnerability is fixed in 1.10.1, 1.9.2, 1.8.3, 1.7.2, 1.6.3, 1.5.3, and 1.4.2. Configuring a Content Security Policy that does not allow `unsafe-inline` would effectively prevent this vulnerability from being exploited."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "phlex-ruby",
"product": {
"product_data": [
{
"product_name": "phlex",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.10.0, < 1.10.1"
},
{
"version_affected": "=",
"version_value": ">= 1.9.0, < 1.9.2"
},
{
"version_affected": "=",
"version_value": ">= 1.8.0, < 1.8.3"
},
{
"version_affected": "=",
"version_value": ">= 1.7.0, < 1.7.2"
},
{
"version_affected": "=",
"version_value": ">= 1.6.0, < 1.6.3"
},
{
"version_affected": "=",
"version_value": ">= 1.5.0, < 1.5.3"
},
{
"version_affected": "=",
"version_value": ">= 1.4.0, < 1.4.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/phlex-ruby/phlex/security/advisories/GHSA-g7xq-xv8c-h98c",
"refsource": "MISC",
"name": "https://github.com/phlex-ruby/phlex/security/advisories/GHSA-g7xq-xv8c-h98c"
},
{
"url": "https://github.com/phlex-ruby/phlex/commit/9e3f5b980655817993682e409cbda72956d865cb",
"refsource": "MISC",
"name": "https://github.com/phlex-ruby/phlex/commit/9e3f5b980655817993682e409cbda72956d865cb"
},
{
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy",
"refsource": "MISC",
"name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy"
},
{
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#unsafe-inline",
"refsource": "MISC",
"name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#unsafe-inline"
}
]
},
"source": {
"advisory": "GHSA-g7xq-xv8c-h98c",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
]
}

18
2024/32xxx/CVE-2024-32743.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/32xxx/CVE-2024-32744.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32744",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/32xxx/CVE-2024-32745.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32745",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

84
2024/3xxx/CVE-2024-3825.json
View File

@ -1,17 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3825",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@perforce.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Versions of the BlazeMeter Jenkins plugin prior to 4.22 contain a flaw which results in credential enumeration\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Blazemeter",
"product": {
"product_data": [
{
"product_name": "BlazeMeter Jenkins plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0.0.0",
"version_value": "4.22"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://portal.perforce.com/s/detail/a91PA000001STsvYAG",
"refsource": "MISC",
"name": "https://portal.perforce.com/s/detail/a91PA000001STsvYAG"
},
{
"url": "https://github.com/Blazemeter/blazemeter-jenkins-plugin/commit/11ec94f68136a0612ae1b37b5370053132cb2528",
"refsource": "MISC",
"name": "https://github.com/Blazemeter/blazemeter-jenkins-plugin/commit/11ec94f68136a0612ae1b37b5370053132cb2528"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

18
2024/3xxx/CVE-2024-3922.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3922",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}