admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-03 18:00:33 +00:00
parent eda6597bf4
commit c900b98a34
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
10 changed files with 372 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2023/49xxx/CVE-2023-49233.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49233",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-49233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow attackers in possession of a non-administrative Visual Planning account to utilize functions normally reserved for administrators. The affected functions allow attackers to obtain different types of configured credentials and potentially elevate their privileges to administrator level."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.visual-planning.com/en/support-portal/updates",
"refsource": "MISC",
"name": "https://www.visual-planning.com/en/support-portal/updates"
},
{
"refsource": "MISC",
"name": "https://www.schutzwerk.com/blog/schutzwerk-sa-2023-005/",
"url": "https://www.schutzwerk.com/blog/schutzwerk-sa-2023-005/"
}
]
}

66
2024/38xxx/CVE-2024-38456.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38456",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-38456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\\SYSTEM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.vivavis.com/en/solution/scada-en/high-leit/",
"refsource": "MISC",
"name": "https://www.vivavis.com/en/solution/scada-en/high-leit/"
},
{
"refsource": "CONFIRM",
"name": "https://www.vivavis.com/en/vivavis-high-leit-rce-vulnerability-cve-2024-38456/",
"url": "https://www.vivavis.com/en/vivavis-high-leit-rce-vulnerability-cve-2024-38456/"
},
{
"refsource": "MISC",
"name": "https://www.schutzwerk.com/blog/schutzwerk-sa-2024-001/",
"url": "https://www.schutzwerk.com/blog/schutzwerk-sa-2024-001/"
}
]
}

66
2024/42xxx/CVE-2024-42902.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42902",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-42902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in the js_localize.php function of LimeSurvey v6.6.2 and before allows attackers to execute arbitrary code via injecting a crafted payload into the lng parameter of the js_localize.php function"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/LimeSurvey/LimeSurvey/blob/6434b12ded1c4b6516200c453441d0896e11eee0/vendor/kcfinder/js_localize.php#L19",
"refsource": "MISC",
"name": "https://github.com/LimeSurvey/LimeSurvey/blob/6434b12ded1c4b6516200c453441d0896e11eee0/vendor/kcfinder/js_localize.php#L19"
},
{
"url": "https://bugs.limesurvey.org/view.php?id=19639",
"refsource": "MISC",
"name": "https://bugs.limesurvey.org/view.php?id=19639"
},
{
"refsource": "MISC",
"name": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42902",
"url": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42902"
}
]
}

66
2024/42xxx/CVE-2024-42903.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42903",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-42903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806 and before allows attackers to send users a crafted password reset link that will direct victims to a malicious domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/LimeSurvey/LimeSurvey/pull/3920",
"refsource": "MISC",
"name": "https://github.com/LimeSurvey/LimeSurvey/pull/3920"
},
{
"refsource": "MISC",
"name": "https://github.com/LimeSurvey/LimeSurvey/compare/6.6.0+240729...6.6.1+240806",
"url": "https://github.com/LimeSurvey/LimeSurvey/compare/6.6.0+240729...6.6.1+240806"
},
{
"refsource": "MISC",
"name": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42903",
"url": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42903"
}
]
}

66
2024/42xxx/CVE-2024-42904.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42904",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-42904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nuxsmin/sysPass/blob/9d0e169d2163897238877fb65130db47fe1ddcfa/app/modules/api/Controllers/ClientController.php#L89",
"refsource": "MISC",
"name": "https://github.com/nuxsmin/sysPass/blob/9d0e169d2163897238877fb65130db47fe1ddcfa/app/modules/api/Controllers/ClientController.php#L89"
},
{
"url": "https://github.com/nuxsmin/sysPass/blob/master/lib/SP/DataModel/ClientData.php#L98",
"refsource": "MISC",
"name": "https://github.com/nuxsmin/sysPass/blob/master/lib/SP/DataModel/ClientData.php#L98"
},
{
"refsource": "MISC",
"name": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42904",
"url": "https://github.com/sysentr0py/CVEs/tree/main/CVE-2024-42904"
}
]
}

5
2024/45xxx/CVE-2024-45440.json
View File

@ -56,6 +56,11 @@
"url": "https://www.drupal.org/project/drupal/issues/3457781",
"refsource": "MISC",
"name": "https://www.drupal.org/project/drupal/issues/3457781"
},
{
"refsource": "MISC",
"name": "https://senscybersecurity.nl/CVE-2024-45440-Explained/",
"url": "https://senscybersecurity.nl/CVE-2024-45440-Explained/"
}
]
}

18
2024/8xxx/CVE-2024-8396.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8396",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/8xxx/CVE-2024-8397.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8397",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/8xxx/CVE-2024-8398.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8398",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/8xxx/CVE-2024-8399.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8399",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}