admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-08 22:00:30 +00:00
parent 7b0a560c7c
commit 848e300bcd
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
25 changed files with 554 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/10xxx/CVE-2018-10172.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "7-Zip through 18.01 on Windows implements the \"Large memory pages\" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process."
"value": "** DISPUTED ** 7-Zip through 18.01 on Windows implements the \"Large memory pages\" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process. Note: This has been disputed by 3rd parties who argue this is a valid feature of Windows."
}
]
},

2
2019/14xxx/CVE-2019-14771.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the server. (This attack is mitigated by the attacker needing the \"Synchronize, import, and export configuration\" permission, a permission that only trusted administrators should be given. Other preventative measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.)"
"value": "** DISPUTED ** Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the server. (This attack is mitigated by the attacker needing the \"Synchronize, import, and export configuration\" permission, a permission that only trusted administrators should be given. Other preventative measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.) Note: This has been disputed by multiple 3rd parties due to advanced permissions that are needed to exploit."
}
]
},

7
2021/30xxx/CVE-2021-30080.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control."
"value": "An issue was discovered in the route lookup process in beego before 1.12.11 that allows attackers to bypass access control."
}
]
},
@ -56,6 +56,11 @@
"url": "https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519",
"refsource": "MISC",
"name": "https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/beego/beego/releases/tag/v1.12.11",
"url": "https://github.com/beego/beego/releases/tag/v1.12.11"
}
]
}

2
2022/38xxx/CVE-2022-38164.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 3 of 5)."
"value": "A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL."
}
]
},

2
2022/42xxx/CVE-2022-42092.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution."
"value": "** DISPUTED ** Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required."
}
]
},

7
2022/43xxx/CVE-2022-43279.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php."
"value": "LimeSurvey before v5.0.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php."
}
]
},
@ -56,6 +56,11 @@
"url": "https://brick-pamphlet-d24.notion.site/LimeSurvey-V5-4-4-background-update-php-SQL-injection-50e8fd6eba4644bb941b2c8d6fb7979a",
"refsource": "MISC",
"name": "https://brick-pamphlet-d24.notion.site/LimeSurvey-V5-4-4-background-update-php-SQL-injection-50e8fd6eba4644bb941b2c8d6fb7979a"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/LimeSurvey/LimeSurvey/commit/42920389f99cdd25449eb7ace57f24417e83b692",
"url": "https://github.com/LimeSurvey/LimeSurvey/commit/42920389f99cdd25449eb7ace57f24417e83b692"
}
]
}

7
2022/43xxx/CVE-2022-43747.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2021 R1 and R2 and 2022 R1 allows remote code execution. This is fixed in 2022 R2."
"value": "baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2021 R1 and R2 and 2022 R1 allows remote code execution. This is fixed in security update S-2022-01, which contains fixed bMA setup files for these versions. This also is fixed in baramundi Management Suite 2022 R2."
}
]
},
@ -56,6 +56,11 @@
"url": "https://www.baramundi.com/de-de/security-info/s-2022-01/",
"refsource": "MISC",
"name": "https://www.baramundi.com/de-de/security-info/s-2022-01/"
},
{
"refsource": "CONFIRM",
"name": "https://www.baramundi.com/en-us/security-info/s-2022-01/",
"url": "https://www.baramundi.com/en-us/security-info/s-2022-01/"
}
]
},

79
2023/40xxx/CVE-2023-40533.json
View File

@ -5,88 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-40533",
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 while parsing HTTP requests. In certain configurations, a specially crafted HTTP request can result in disclosure of data allocated on the heap, which could contain sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-457: Use of Uninitialized Variable",
"cweId": "CWE-457"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tinyproxy",
"product": {
"product_data": [
{
"product_name": "Tinyproxy",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.11.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902",
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/05/07/1"
}
]
},
"credits": [
{
"lang": "en",
"value": "Discovered by Dimitrios Tatsis of Cisco Talos."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
"value": "** REJECT ** This CVE ID is a duplicate of CVE-2022-40468\n"
}
]
}

61
2024/26xxx/CVE-2024-26517.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26517",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-26517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sourcecodester.com/php/16877/school-task-manager-using-php-source-code.html",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/php/16877/school-task-manager-using-php-source-code.html"
},
{
"refsource": "MISC",
"name": "https://github.com/unrealjbr/CVE-2024-26517",
"url": "https://github.com/unrealjbr/CVE-2024-26517"
}
]
}

5
2024/26xxx/CVE-2024-26579.json
View File

@ -59,6 +59,11 @@
"url": "https://lists.apache.org/thread/d2hndtvh6bll4pkl91o2oqxyynhr54k3",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/d2hndtvh6bll4pkl91o2oqxyynhr54k3"
},
{
"url": "https://github.com/advisories/GHSA-fgh3-pwmp-3qw3",
"refsource": "MISC",
"name": "https://github.com/advisories/GHSA-fgh3-pwmp-3qw3"
}
]
},

61
2024/27xxx/CVE-2024-27280.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-27280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hackerone.com/reports/1399856",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1399856"
},
{
"refsource": "MISC",
"name": "https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/",
"url": "https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/"
}
]
}

61
2024/27xxx/CVE-2024-27281.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27281",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-27281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hackerone.com/reports/1187477",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1187477"
},
{
"refsource": "CONFIRM",
"name": "https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/",
"url": "https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/"
}
]
}

61
2024/27xxx/CVE-2024-27282.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27282",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-27282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hackerone.com/reports/2122624",
"refsource": "MISC",
"name": "https://hackerone.com/reports/2122624"
},
{
"refsource": "CONFIRM",
"name": "https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/",
"url": "https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/"
}
]
}

75
2024/28xxx/CVE-2024-28759.json
View File

@ -1,18 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28759",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-28759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://windriver.com",
"refsource": "MISC",
"name": "https://windriver.com"
},
{
"refsource": "CONFIRM",
"name": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2024-28759",
"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2024-28759"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:L/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
}

18
2024/29xxx/CVE-2024-29145.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/31xxx/CVE-2024-31075.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31075",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/33xxx/CVE-2024-33613.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-33613",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2024/34xxx/CVE-2024-34196.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-34196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Totolink AC1200 Wireless Dual Band Gigabit Router A3002RU_V3 Firmware V3.0.0-B20230809.1615 is vulnerable to Buffer Overflow. The \"boa\" program allows attackers to modify the value of the \"vwlan_idx\" field via \"formMultiAP\". This can lead to a stack overflow through the \"formWlEncrypt\" CGI function by constructing malicious HTTP requests and passing a WLAN SSID value exceeding the expected length, potentially resulting in command execution or denial of service attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gist.github.com/Swind1er/1ec2fde42254598a72f1d716f9cfe2a1",
"refsource": "MISC",
"name": "https://gist.github.com/Swind1er/1ec2fde42254598a72f1d716f9cfe2a1"
}
]
}

56
2024/34xxx/CVE-2024-34308.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34308",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-34308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md",
"url": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md"
}
]
}

5
2024/34xxx/CVE-2024-34517.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher",
"url": "https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher"
},
{
"refsource": "MISC",
"name": "https://github.com/advisories/GHSA-p343-9qwp-pqxv",
"url": "https://github.com/advisories/GHSA-p343-9qwp-pqxv"
}
]
}

18
2024/34xxx/CVE-2024-34774.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34774",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/34xxx/CVE-2024-34775.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2024/3xxx/CVE-2024-3661.json
View File

@ -135,6 +135,11 @@
"url": "https://www.agwa.name/blog/post/hardening_openvpn_for_def_con",
"refsource": "MISC",
"name": "https://www.agwa.name/blog/post/hardening_openvpn_for_def_con"
},
{
"url": "https://www.theregister.com/2024/05/07/vpn_tunnelvision_dhcp/",
"refsource": "MISC",
"name": "https://www.theregister.com/2024/05/07/vpn_tunnelvision_dhcp/"
}
]
},

18
2024/4xxx/CVE-2024-4664.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4664",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/4xxx/CVE-2024-4665.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4665",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}