mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
dfd6959f07
commit
82ece262e4
@ -143,7 +143,7 @@
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "4:4.9.4-5.1.rhaos4.16.el9",
|
||||
"version": "4:4.9.4-5.1.rhaos4.16.el8",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
@ -157,7 +157,7 @@
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "2:1.14.4-1.rhaos4.16.el9",
|
||||
"version": "2:1.14.4-1.rhaos4.16.el8",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
@ -171,7 +171,7 @@
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9",
|
||||
"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
|
||||
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-41996",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-41996",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1",
|
||||
"refsource": "MISC",
|
||||
"name": "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://dheatattack.gitlab.io/details/",
|
||||
"url": "https://dheatattack.gitlab.io/details/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://dheatattack.gitlab.io/faq/",
|
||||
"url": "https://dheatattack.gitlab.io/faq/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-6879",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allows contributor and above roles to perform Stored Cross-Site Scripting (XSS) attacks."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Quiz and Survey Master (QSM)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "9.1.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/4da0b318-03e7-409d-9b02-f108e4232c87/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/4da0b318-03e7-409d-9b02-f108e4232c87/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Bereket Miheret"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,88 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-7313",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Shield Security WordPress plugin before 20.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Shield Security",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "20.0.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/83a1bdc6-098e-43d5-89e5-f4202ecd78a1/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/83a1bdc6-098e-43d5-89e5-f4202ecd78a1/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Krugov Artyom"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user