admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-16 19:00:40 +00:00
parent 41ae3b14f0
commit b62aa885f6
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
25 changed files with 850 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/45xxx/CVE-2023-45229.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45230.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45231.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45232.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45233.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45234.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45235.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45236.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

5
2023/45xxx/CVE-2023-45237.json
View File

@ -58,6 +58,11 @@
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
}
]
},

56
2023/49xxx/CVE-2023-49351.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49351",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-49351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/countfatcode/temp/blob/main/formUSBAccount/formUSBAccount.md",
"url": "https://github.com/countfatcode/temp/blob/main/formUSBAccount/formUSBAccount.md"
}
]
}

5
2023/4xxx/CVE-2023-4969.json
View File

@ -93,6 +93,11 @@
"url": "https://blog.trailofbits.com",
"refsource": "MISC",
"name": "https://blog.trailofbits.com"
},
{
"url": "https://www.kb.cert.org/vuls/id/446598",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/446598"
}
]
},

159
2023/51xxx/CVE-2023-51381.json
View File

@ -1,17 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51381",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-cna@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting in the\u00a0tag name pattern field in the tag protections UI in GitHub Enterprise Server\u00a03.8.12, 3.9.7, 3.10.4, 3.11.2\u00a0allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created\u00a0CSRF tokens. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in all versions of 3.11.3, 3.10.5, 3.9.8, and 3.8.13. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitHub",
"product": {
"product_data": [
{
"product_name": "Enterprise Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "3.8.13",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.8.12",
"status": "affected",
"version": "3.8",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.9.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.9.7",
"status": "affected",
"version": "3.9",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.10.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.10.4",
"status": "affected",
"version": "3.10",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.11.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.11.2",
"status": "affected",
"version": "3.11",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Johan Carlsson (https://twitter.com/joaxcar)"
},
{
"lang": "en",
"value": "Roshan Kudave (https://twitter.com/ROSHANKUDAVE3)"
},
{
"lang": "en",
"value": "Sudhanshu Rajbhar (https://twitter.com/sudhanshur705)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}

56
2023/52xxx/CVE-2023-52041.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52041",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-52041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://kee02p.github.io/2024/01/13/CVE-2023-52041/",
"url": "https://kee02p.github.io/2024/01/13/CVE-2023-52041/"
}
]
}

5
2023/6xxx/CVE-2023-6395.json
View File

@ -128,6 +128,11 @@
"url": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69",
"refsource": "MISC",
"name": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/1"
}
]
},

102
2023/7xxx/CVE-2023-7234.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-7234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\nOPCUAServerToolkit will write a log message once an OPC UA client has successfully connected containing the client's self-defined description field.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-117 ",
"cweId": "CWE-117"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Integration Objects",
"product": {
"product_data": [
{
"product_name": "OPC UA Server Toolkit",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-016-02",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-016-02"
},
{
"url": "https://integrationobjects.com//ask-a-question/",
"refsource": "MISC",
"name": "https://integrationobjects.com//ask-a-question/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Integration Objects has not responded to requests to work with CISA to mitigate these vulnerabilities. Developers using affected versions of OPC UA Server Toolkit are invited to contact </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://integrationobjects.com//ask-a-question/\">Integration Objects for additional information.</a>\n\n<br>"
}
],
"value": "\nIntegration Objects has not responded to requests to work with CISA to mitigate these vulnerabilities. Developers using affected versions of OPC UA Server Toolkit are invited to contact Integration Objects for additional information. https://integrationobjects.com//ask-a-question/ \n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

127
2024/0xxx/CVE-2024-0200.json
View File

@ -1,17 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-cna@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability\u00a0could lead to the execution of user-controlled methods and remote code execution. To\u00a0exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')",
"cweId": "CWE-470"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitHub",
"product": {
"product_data": [
{
"product_name": "Enterprise Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "3.8.13",
"status": "affected",
"version": "3.8.0",
"versionType": "semver"
},
{
"lessThan": "3.9.8",
"status": "affected",
"version": "3.9.0",
"versionType": "semver"
},
{
"lessThan": "3.10.5",
"status": "affected",
"version": "3.10.0",
"versionType": "semver"
},
{
"lessThan": "3.11.3",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Ngo Wei Lin of STAR Labs"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
]
}

115
2024/0xxx/CVE-2024-0507.json
View File

@ -1,17 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0507",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-cna@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitHub",
"product": {
"product_data": [
{
"product_name": "Enterprise Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "3.8.0",
"version_value": "3.8.12"
},
{
"version_affected": "<=",
"version_name": "3.9.0",
"version_value": "3.9.7"
},
{
"version_affected": "<=",
"version_name": "3.10.0",
"version_value": "3.10.4"
},
{
"version_affected": "<=",
"version_name": "3.11.0",
"version_value": "3.11.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"refsource": "MISC",
"name": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Imre Rad"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}

18
2024/0xxx/CVE-2024-0616.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0616",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0617.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0617",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0618.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0618",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0619.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0619",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0620.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0620",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/0xxx/CVE-2024-0621.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2024/22xxx/CVE-2024-22491.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22491",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-22491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md",
"refsource": "MISC",
"name": "https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md"
}
]
}

56
2024/22xxx/CVE-2024-22628.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22628",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-22628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expense_budget/admin/?page=reports/budget&date_start=2023-12-28&date_end="
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/GaoZzr/CVE_report/blob/main/budget-and-expense-tracker-system/SQLi-1.md",
"url": "https://github.com/GaoZzr/CVE_report/blob/main/budget-and-expense-tracker-system/SQLi-1.md"
}
]
}