admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-07-03 06:00:38 +00:00
parent 77e2663e96
commit bad05dd130
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
14 changed files with 608 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2024/2xxx/CVE-2024-2040.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Himer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/1b97bbf0-c7d1-4e6c-bb80-f9bf45fbfe1e/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/1b97bbf0-c7d1-4e6c-bb80-f9bf45fbfe1e/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Sushmita Poudel"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2231.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2231",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The allows any authenticated user to join a private group due to a missing authorization check on a function"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Himer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/119d2d93-3b71-4ce9-b385-4e6f57b162cb/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/119d2d93-3b71-4ce9-b385-4e6f57b162cb/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Sushmita Poudel"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2233.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2233",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Himer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/51d0311a-673b-4538-9427-a48e8c89e38b/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/51d0311a-673b-4538-9427-a48e8c89e38b/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Sushmita Poudel"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2234.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Himer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/37018a3f-895f-48f7-b033-c051e2462830/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/37018a3f-895f-48f7-b033-c051e2462830/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Bob Matyas"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2235.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2235",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Himer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/62c8a564-225e-4202-9bb0-03029fa4fd42/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/62c8a564-225e-4202-9bb0-03029fa4fd42/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Sushmita Poudel"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2375.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2375",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPQA Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "6.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/3d144e1c-a1f4-4c5a-93e2-4296a96d4ba2/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/3d144e1c-a1f4-4c5a-93e2-4296a96d4ba2/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Bob Matyas"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2024/2xxx/CVE-2024-2376.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2376",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPQA Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "6.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/bdd2e323-d589-4050-bc27-5edd2507a818/",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/bdd2e323-d589-4050-bc27-5edd2507a818/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Bob Matyas"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

61
2024/38xxx/CVE-2024-38453.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38453",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-38453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000FKAoOUAX",
"refsource": "MISC",
"name": "https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000FKAoOUAX"
},
{
"refsource": "MISC",
"name": "https://deneyed.com/blog/avalara/",
"url": "https://deneyed.com/blog/avalara/"
}
]
}

18
2024/39xxx/CVE-2024-39921.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

6
2024/5xxx/CVE-2024-5671.json
View File

@ -67,6 +67,12 @@
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Kentaro Kawane"
}
],
"impact": {
"cvss": [
{

6
2024/5xxx/CVE-2024-5731.json
View File

@ -67,6 +67,12 @@
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Kentaro Kawane"
}
],
"impact": {
"cvss": [
{

18
2024/6xxx/CVE-2024-6469.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6469",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6470.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6470",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/6xxx/CVE-2024-6471.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6471",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}