admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-30 22:00:33 +00:00
parent 407d0c926c
commit 98bf270b9c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
16 changed files with 563 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/7xxx/CVE-2018-7550.json
View File

@ -101,6 +101,11 @@
"name": "RHSA-2018:2462",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2462"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53"
}
]
}

10
2021/3xxx/CVE-2021-3156.json
View File

@ -196,6 +196,16 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
}
]
}

10
2022/39xxx/CVE-2022-39046.json
View File

@ -66,6 +66,16 @@
"refsource": "GENTOO",
"name": "GLSA-202310-03",
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
}
]
},

62
2023/51xxx/CVE-2023-51197.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-51197",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue discovered in shell command execution in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows an attacker to run arbitrary commands and cause other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/16yashpatel/CVE-2023-51197",
"url": "https://github.com/16yashpatel/CVE-2023-51197"
}
]
}

62
2023/51xxx/CVE-2023-51198.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-51198",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue in the permission and access control components within ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to gain escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/16yashpatel/CVE-2023-51198",
"url": "https://github.com/16yashpatel/CVE-2023-51198"
}
]
}

62
2023/51xxx/CVE-2023-51202.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51202",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-51202",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OS command injection vulnerability in command processing or system call componentsROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/16yashpatel/CVE-2023-51202",
"url": "https://github.com/16yashpatel/CVE-2023-51202"
}
]
}

62
2023/51xxx/CVE-2023-51204.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-51204",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to execute arbitrary code via a crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/16yashpatel/CVE-2023-51204",
"url": "https://github.com/16yashpatel/CVE-2023-51204"
}
]
}

26
2023/6xxx/CVE-2023-6816.json
View File

@ -201,6 +201,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.12.0-6.el8_6.9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
@ -364,6 +385,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0614"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0621",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0621"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6816",
"refsource": "MISC",

59
2024/1xxx/CVE-2024-1059.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1059",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "121.0.6167.139",
"version_value": "121.0.6167.139"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html"
},
{
"url": "https://crbug.com/1514777",
"refsource": "MISC",
"name": "https://crbug.com/1514777"
}
]
}

59
2024/1xxx/CVE-2024-1060.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "121.0.6167.139",
"version_value": "121.0.6167.139"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html"
},
{
"url": "https://crbug.com/1511567",
"refsource": "MISC",
"name": "https://crbug.com/1511567"
}
]
}

59
2024/1xxx/CVE-2024-1077.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1077",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "121.0.6167.139",
"version_value": "121.0.6167.139"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html"
},
{
"url": "https://crbug.com/1511085",
"refsource": "MISC",
"name": "https://crbug.com/1511085"
}
]
}

18
2024/1xxx/CVE-2024-1090.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1090",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1091.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1091",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1092.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

4
2024/21xxx/CVE-2024-21735.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization",
"cweId": "CWE-285"
"value": "CWE-863 Incorrect Authorization",
"cweId": "CWE-863"
}
]
}

95
2024/23xxx/CVE-2024-23834.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23834",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in 3.1.5 and 3.2.0.beta5. As a workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "discourse",
"product": {
"product_data": [
{
"product_name": "discourse",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 3.1.5"
},
{
"version_affected": "=",
"version_value": ">= 3.2.0.beta1, < 3.2.0.beta5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-rj3g-8q6p-63pc",
"refsource": "MISC",
"name": "https://github.com/discourse/discourse/security/advisories/GHSA-rj3g-8q6p-63pc"
},
{
"url": "https://github.com/discourse/discourse/commit/568d704a94c528b7c2cb0f3512a7b7b606bc3000",
"refsource": "MISC",
"name": "https://github.com/discourse/discourse/commit/568d704a94c528b7c2cb0f3512a7b7b606bc3000"
},
{
"url": "https://meta.discourse.org/t/3-1-5-security-and-bug-fix-release/293094",
"refsource": "MISC",
"name": "https://meta.discourse.org/t/3-1-5-security-and-bug-fix-release/293094"
},
{
"url": "https://meta.discourse.org/t/3-2-0-beta5-add-groups-to-dms-mobile-chat-footer-redesign-passkeys-enabled-by-default-and-more/293093",
"refsource": "MISC",
"name": "https://meta.discourse.org/t/3-2-0-beta5-add-groups-to-dms-mobile-chat-footer-redesign-passkeys-enabled-by-default-and-more/293093"
}
]
},
"source": {
"advisory": "GHSA-rj3g-8q6p-63pc",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}