mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 18:53:08 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
6a605df5e6
commit
9dd19dd18c
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-20556",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-204 Response Discrepancy Information Exposure",
|
||||
"cweId": "CWE-204"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Cognos Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.4.1, 10.4.2, 11.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7149876",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7149876"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199181",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199181"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,18 +1,102 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-48690",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "cve@kernel.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix DMA mappings leak\n\nFix leak, when user changes ring parameters.\nDuring reallocation of RX buffers, new DMA mappings are created for\nthose buffers. New buffers with different RX ring count should\nsubstitute older ones, but those buffers were freed in ice_vsi_cfg_rxq\nand reallocated again with ice_alloc_rx_buf. kfree on rx_buf caused\nleak of already mapped DMA.\nReallocate ZC with xdp_buf struct, when BPF program loads. Reallocate\nback to rx_buf, when BPF program unloads.\nIf BPF program is loaded/unloaded and XSK pools are created, reallocate\nRX queues accordingly in XDP_SETUP_XSK_POOL handler.\n\nSteps for reproduction:\nwhile :\ndo\n\tfor ((i=0; i<=8160; i=i+32))\n\tdo\n\t\tethtool -G enp130s0f0 rx $i tx $i\n\t\tsleep 0.5\n\t\tethtool -g enp130s0f0\n\tdone\ndone"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Linux",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "617f3e1b588c",
|
||||
"version_value": "07f40e9f0ff3"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.16",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.16",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.19.9",
|
||||
"lessThanOrEqual": "5.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "6.0",
|
||||
"lessThanOrEqual": "*",
|
||||
"status": "unaffected",
|
||||
"versionType": "original_commit_for_fix"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/07f40e9f0ff342eb3e97d5c544783b7cb641689c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/07f40e9f0ff342eb3e97d5c544783b7cb641689c"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/7e753eb675f0523207b184558638ee2eed6c9ac2",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/7e753eb675f0523207b184558638ee2eed6c9ac2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-d175d3acf727"
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,158 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-48695",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "cve@kernel.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Linux",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_value": "b8fc9e91b931"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "4.9.328",
|
||||
"lessThanOrEqual": "4.9.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "4.14.293",
|
||||
"lessThanOrEqual": "4.14.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "4.19.258",
|
||||
"lessThanOrEqual": "4.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.4.213",
|
||||
"lessThanOrEqual": "5.4.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.10.143",
|
||||
"lessThanOrEqual": "5.10.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.15.68",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.19.9",
|
||||
"lessThanOrEqual": "5.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "6.0",
|
||||
"lessThanOrEqual": "*",
|
||||
"status": "unaffected",
|
||||
"versionType": "original_commit_for_fix"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-d175d3acf727"
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,158 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-48704",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "cve@kernel.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n> Configuration and Message requests are the only TLPs accepted by a Function in\n> the D3hot state. All other received Requests must be handled as Unsupported Requests,\n> and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [<ffffffff811bea5c>] ra = [<ffffffff81240844>] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[<ffffffff81240844>] si_dma_is_lockup+0x34/0xd0\n[<ffffffff81119610>] radeon_fence_check_lockup+0xd0/0x290\n[<ffffffff80977010>] process_one_work+0x280/0x550\n[<ffffffff80977350>] worker_thread+0x70/0x7c0\n[<ffffffff80977410>] worker_thread+0x130/0x7c0\n[<ffffffff80982040>] kthread+0x200/0x210\n[<ffffffff809772e0>] worker_thread+0x0/0x7c0\n[<ffffffff80981f8c>] kthread+0x14c/0x210\n[<ffffffff80911658>] ret_from_kernel_thread+0x18/0x20\n[<ffffffff80981e40>] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n <88210000> 4821ed21\nSo force lockup work queue flush to fix this problem."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Linux",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_value": "b878da58df2c"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "4.9.328",
|
||||
"lessThanOrEqual": "4.9.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "4.14.293",
|
||||
"lessThanOrEqual": "4.14.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "4.19.258",
|
||||
"lessThanOrEqual": "4.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.4.213",
|
||||
"lessThanOrEqual": "5.4.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.10.143",
|
||||
"lessThanOrEqual": "5.10.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.15.68",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.19.9",
|
||||
"lessThanOrEqual": "5.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "6.0",
|
||||
"lessThanOrEqual": "*",
|
||||
"status": "unaffected",
|
||||
"versionType": "original_commit_for_fix"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-d175d3acf727"
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,102 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-48705",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "cve@kernel.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921e: fix crash in chip reset fail\n\nIn case of drv own fail in reset, we may need to run mac_reset several\ntimes. The sequence would trigger system crash as the log below.\n\nBecause we do not re-enable/schedule \"tx_napi\" before disable it again,\nthe process would keep waiting for state change in napi_diable(). To\navoid the problem and keep status synchronize for each run, goto final\nresource handling if drv own failed.\n\n[ 5857.353423] mt7921e 0000:3b:00.0: driver own failed\n[ 5858.433427] mt7921e 0000:3b:00.0: Timeout for driver own\n[ 5859.633430] mt7921e 0000:3b:00.0: driver own failed\n[ 5859.633444] ------------[ cut here ]------------\n[ 5859.633446] WARNING: CPU: 6 at kernel/kthread.c:659 kthread_park+0x11d\n[ 5859.633717] Workqueue: mt76 mt7921_mac_reset_work [mt7921_common]\n[ 5859.633728] RIP: 0010:kthread_park+0x11d/0x150\n[ 5859.633736] RSP: 0018:ffff8881b676fc68 EFLAGS: 00010202\n......\n[ 5859.633766] Call Trace:\n[ 5859.633768] <TASK>\n[ 5859.633771] mt7921e_mac_reset+0x176/0x6f0 [mt7921e]\n[ 5859.633778] mt7921_mac_reset_work+0x184/0x3a0 [mt7921_common]\n[ 5859.633785] ? mt7921_mac_set_timing+0x520/0x520 [mt7921_common]\n[ 5859.633794] ? __kasan_check_read+0x11/0x20\n[ 5859.633802] process_one_work+0x7ee/0x1320\n[ 5859.633810] worker_thread+0x53c/0x1240\n[ 5859.633818] kthread+0x2b8/0x370\n[ 5859.633824] ? process_one_work+0x1320/0x1320\n[ 5859.633828] ? kthread_complete_and_exit+0x30/0x30\n[ 5859.633834] ret_from_fork+0x1f/0x30\n[ 5859.633842] </TASK>"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Linux",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0efaf31dec57",
|
||||
"version_value": "f7f3001723e3"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.17",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.17",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "5.19.9",
|
||||
"lessThanOrEqual": "5.19.*",
|
||||
"status": "unaffected",
|
||||
"versionType": "custom"
|
||||
},
|
||||
{
|
||||
"version": "6.0",
|
||||
"lessThanOrEqual": "*",
|
||||
"status": "unaffected",
|
||||
"versionType": "original_commit_for_fix"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/f7f3001723e337568017e8617974f29bc8b2f595",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/f7f3001723e337568017e8617974f29bc8b2f595"
|
||||
},
|
||||
{
|
||||
"url": "https://git.kernel.org/stable/c/fa3fbe64037839f448dc569212bafc5a495d8219",
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/stable/c/fa3fbe64037839f448dc569212bafc5a495d8219"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-d175d3acf727"
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-23474",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-209 Generation of Error Message Containing Sensitive Information",
|
||||
"cweId": "CWE-209"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Cognos Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.4.1, 10.4.2, 11.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7149876",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7149876"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/245403",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/245403"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 3.7,
|
||||
"baseSeverity": "LOW",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-28952",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-117 Improper Output Neutralization for Logs",
|
||||
"cweId": "CWE-117"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Cognos Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.4.1, 10.4.2, 11.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7149876",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7149876"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251463",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251463"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-38724",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 262183."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
|
||||
"cweId": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Cognos Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.4.1, 10.4.2, 11.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7149876",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7149876"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262183",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262183"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-40696",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
|
||||
"cweId": "CWE-327"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Cognos Controller",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.4.1, 10.4.2, 11.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7149876",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7149876"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264939",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264939"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30851",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-30851",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/codesiddhant/Jasmin-Ransomware",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/codesiddhant/Jasmin-Ransomware"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc",
|
||||
"url": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31673",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-31673",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/265",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/265"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-33789",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-33789",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789",
|
||||
"url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-33791",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-33791",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33791",
|
||||
"url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33791"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-33792",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-33792",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tracert page."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792",
|
||||
"url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,90 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34066",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-552: Files or Directories Accessible to External Parties",
|
||||
"cweId": "CWE-552"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "pterodactyl",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "wings",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 1.11.12"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-gqmf-jqgv-v8fw",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.5,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,100 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34067",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to wings instance could lead to cross site scripting (XSS) on the panel, which could be used to gain an administrator account on the panel. Specifically, the following things are impacted: Egg Docker images and Egg variables: Name, Environment variable, Default value, Description, Validation rules. Additionally, certain fields would reflect malicious input, but it would require the user knowingly entering such input to have an impact. To iterate, this would require an administrator to perform actions and can't be triggered by a normal panel user. This issue has has been addressed in version 1.11.6 and users are advised to upgrade. No workaround is available other than updating to the latest version of the panel."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "pterodactyl",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "panel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 1.11.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/panel/security/advisories/GHSA-384w-wffr-x63q",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/panel/security/advisories/GHSA-384w-wffr-x63q"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/panel/commit/0dad4c5a488661f9adc27dd311542516d9bfa0f2",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/panel/commit/0dad4c5a488661f9adc27dd311542516d9bfa0f2"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/panel/commit/1172d71d31561c4e465dabdf6b838e64de48ad16",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/panel/commit/1172d71d31561c4e465dabdf6b838e64de48ad16"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/panel/commit/f671046947e4695b5e1c647df79305c1cefdf817",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/panel/commit/f671046947e4695b5e1c647df79305c1cefdf817"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-384w-wffr-x63q",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,104 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34068",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable to upgrade may enable the `api.disable_remote_download` option as a workaround. "
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-284: Improper Access Control",
|
||||
"cweId": "CWE-284"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')",
|
||||
"cweId": "CWE-441"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "pterodactyl",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "wings",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 1.11.12"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-qq22-jj8x-4wwv",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.4,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,95 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34075",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the `MarkovData#getNext` method used in `Markov#generate` and `Markov#choose` allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a string contains a forbidden substring (i.e. `__proto__`) followed by a space character, the code will access a special property in `MarkovData#finalData` by removing the last character of the string, bypassing the dataset sanitization (as it is supposed to be already sanitized before this function is called). Any dataset can be contaminated with the substring making it unable to properly generate anything in some cases. This issue has been addressed in version 3.2.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-502: Deserialization of Untrusted Data",
|
||||
"cweId": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "xiboon",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kurwov",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": ">= 3.1.0, < 3.2.5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/xiboon/kurwov/commit/85d63e652594f121d6656177d7a3c0d823c976c9",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/xiboon/kurwov/commit/85d63e652594f121d6656177d7a3c0d823c976c9"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/xiboon/kurwov/blob/0d58dfa42135ab40e830e92622857282f980ca89/src/MarkovData.ts#L38-L44",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/xiboon/kurwov/blob/0d58dfa42135ab40e830e92622857282f980ca89/src/MarkovData.ts#L38-L44"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-hfrv-h3q8-9jpr",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.2,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/34xxx/CVE-2024-34451.json
Normal file
18
2024/34xxx/CVE-2024-34451.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34451",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/34xxx/CVE-2024-34452.json
Normal file
18
2024/34xxx/CVE-2024-34452.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34452",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/34xxx/CVE-2024-34453.json
Normal file
18
2024/34xxx/CVE-2024-34453.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-34453",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user