mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 18:53:08 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
cb83273779
commit
8af1293c25
@ -62,11 +62,6 @@
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1884",
|
||||
"refsource": "MISC",
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1884"
|
||||
},
|
||||
{
|
||||
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1884",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1884"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -62,11 +62,6 @@
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1883",
|
||||
"refsource": "MISC",
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1883"
|
||||
},
|
||||
{
|
||||
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1883",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1883"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -58,11 +58,6 @@
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1882",
|
||||
"refsource": "MISC",
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1882"
|
||||
},
|
||||
{
|
||||
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1882",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1882"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -58,11 +58,6 @@
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1900",
|
||||
"refsource": "MISC",
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1900"
|
||||
},
|
||||
{
|
||||
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1900",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1900"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-50916",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2023-50916",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a UNC path via the GUI is rejected due to the use of a \\ (backslash) character, which is supposed to be disallowed in a pathname. Intercepting and modifying this request via a proxy, or sending the request directly to the application endpoint, allows UNC paths to be set for the backup location. Once such a location is set, Kyocera Device Manager attempts to confirm access and will try to authenticate to the UNC path; depending on the configuration of the environment, this may authenticate to the UNC with Windows NTLM hashes. This could allow NTLM credential relaying or cracking attacks."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.kyoceradocumentsolutions.us/en/about-us/pr-and-award-certifications/press/kyocera-device-manager-cve-2023-50196-vulnerability-solution-update.html",
|
||||
"url": "https://www.kyoceradocumentsolutions.us/en/about-us/pr-and-award-certifications/press/kyocera-device-manager-cve-2023-50196-vulnerability-solution-update.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2024-001_kyocera-v2.txt",
|
||||
"url": "https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2024-001_kyocera-v2.txt"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A TimeOut error exists in the ParseTools.subCompileExpression method in mvel2 v2.5.0 Final."
|
||||
"value": "** DISPUTED ** A long execution time can occur in the ParseTools.subCompileExpression method in MVEL 2.5.0.Final because of many Java class lookups. NOTE: the vendor disputes this because \"the only thing that you could expect is that the parser will take a crazy amount of time to complete its task.\""
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -56,6 +56,11 @@
|
||||
"url": "https://github.com/mvel/mvel/issues/348",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mvel/mvel/issues/348"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mvel/mvel/issues/348#issuecomment-1874047271",
|
||||
"url": "https://github.com/mvel/mvel/issues/348#issuecomment-1874047271"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/0xxx/CVE-2024-0406.json
Normal file
18
2024/0xxx/CVE-2024-0406.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-0406",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/0xxx/CVE-2024-0407.json
Normal file
18
2024/0xxx/CVE-2024-0407.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-0407",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user