admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-10-23 07:00:36 +00:00
parent 954bea974b
commit d29643fa05
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
8 changed files with 225 additions and 225 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2024/10xxx/CVE-2024-10280.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/10xxx/CVE-2024-10281.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10281",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/10xxx/CVE-2024-10282.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10282",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/10xxx/CVE-2024-10283.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10283",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

100
2024/47xxx/CVE-2024-47725.json
View File

@ -5,110 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2024-47725",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-verity: restart or panic on an I/O error\n\nMaxim Suhanov reported that dm-verity doesn't crash if an I/O error\nhappens. In theory, this could be used to subvert security, because an\nattacker can create sectors that return error with the Write Uncorrectable\ncommand. Some programs may misbehave if they have to deal with EIO.\n\nThis commit fixes dm-verity, so that if \"panic_on_corruption\" or\n\"restart_on_corruption\" was specified and an I/O error happens, the\nmachine will panic or restart.\n\nThis commit also changes kernel_restart to emergency_restart -\nkernel_restart calls reboot notifiers and these reboot notifiers may wait\nfor the bio that failed. emergency_restart doesn't call the notifiers."
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "cada2646b748"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6.54",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.13",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11.2",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.12-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cada2646b7483cce370eb3b046659df31d9d34d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cada2646b7483cce370eb3b046659df31d9d34d1"
},
{
"url": "https://git.kernel.org/stable/c/b332bcca59143cfdd000957f8b78c28dd2ac1da4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b332bcca59143cfdd000957f8b78c28dd2ac1da4"
},
{
"url": "https://git.kernel.org/stable/c/338b32a232bbee39e52dd1486cbc0c9f458d4d69",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/338b32a232bbee39e52dd1486cbc0c9f458d4d69"
},
{
"url": "https://git.kernel.org/stable/c/e6a3531dd542cb127c8de32ab1e54a48ae19962b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e6a3531dd542cb127c8de32ab1e54a48ae19962b"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

121
2024/47xxx/CVE-2024-47755.json
View File

@ -5,131 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2024-47755",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvdimm: Fix devs leaks in scan_labels()\n\nscan_labels() leaks memory when label scanning fails and it falls back\nto just creating a default \"seed\" namespace for userspace to configure.\nRoot can force the kernel to leak memory.\n\nAllocate the minimum resources unconditionally and release them when\nunneeded to avoid the memory leak.\n\nA kmemleak reports:\nunreferenced object 0xffff88800dda1980 (size 16):\n comm \"kworker/u10:5\", pid 69, jiffies 4294671781\n hex dump (first 16 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [<00000000c5dea560>] __kmalloc+0x32c/0x470\n [<000000009ed43c83>] nd_region_register_namespaces+0x6fb/0x1120 [libnvdimm]\n [<000000000e07a65c>] nd_region_probe+0xfe/0x210 [libnvdimm]\n [<000000007b79ce5f>] nvdimm_bus_probe+0x7a/0x1e0 [libnvdimm]\n [<00000000a5f3da2e>] really_probe+0xc6/0x390\n [<00000000129e2a69>] __driver_probe_device+0x78/0x150\n [<000000002dfed28b>] driver_probe_device+0x1e/0x90\n [<00000000e7048de2>] __device_attach_driver+0x85/0x110\n [<0000000032dca295>] bus_for_each_drv+0x85/0xe0\n [<00000000391c5a7d>] __device_attach+0xbe/0x1e0\n [<0000000026dabec0>] bus_probe_device+0x94/0xb0\n [<00000000c590d936>] device_add+0x656/0x870\n [<000000003d69bfaa>] nd_async_device_register+0xe/0x50 [libnvdimm]\n [<000000003f4c52a4>] async_run_entry_fn+0x2e/0x110\n [<00000000e201f4b0>] process_one_work+0x1ee/0x600\n [<000000006d90d5a9>] worker_thread+0x183/0x350"
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1b40e09a1232",
"version_value": "45db20bdb569"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.113",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.54",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.13",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11.2",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.12-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/45db20bdb5695d06478d35e05fb2550441bed890",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45db20bdb5695d06478d35e05fb2550441bed890"
},
{
"url": "https://git.kernel.org/stable/c/18a672c62d735744c6340eb3f5e58934a5d34cf2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/18a672c62d735744c6340eb3f5e58934a5d34cf2"
},
{
"url": "https://git.kernel.org/stable/c/939053737edb49ba5bdc5846acb45f11d15b7ab4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/939053737edb49ba5bdc5846acb45f11d15b7ab4"
},
{
"url": "https://git.kernel.org/stable/c/cdf0dfb3d183bbe0d0b6a6622c53d105074ad384",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdf0dfb3d183bbe0d0b6a6622c53d105074ad384"
},
{
"url": "https://git.kernel.org/stable/c/62c2aa6b1f565d2fc1ec11a6e9e8336ce37a6426",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/62c2aa6b1f565d2fc1ec11a6e9e8336ce37a6426"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

81
2024/9xxx/CVE-2024-9583.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9583",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The RSS Aggregator \u2013 RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprss_ajax_send_premium_support function in all versions up to, and including, 4.23.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to send premium support requests with an attacker-controlled subject line and email address to support allowing them to impersonate the site owner. License information may also be leaked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "jeangalea",
"product": {
"product_data": [
{
"product_name": "RSS Aggregator \u2013 RSS Import, News Feeds, Feed to Post, and Autoblogging",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "4.23.12"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/126c77fa-11c5-431f-8fc9-0375ed6c8a91?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/126c77fa-11c5-431f-8fc9-0375ed6c8a91?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-rss-aggregator/trunk/includes/admin-help.php#L274",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/wp-rss-aggregator/trunk/includes/admin-help.php#L274"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3168468/wp-rss-aggregator/trunk/includes/admin-help.php",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3168468/wp-rss-aggregator/trunk/includes/admin-help.php"
}
]
},
"credits": [
{
"lang": "en",
"value": "tptNhan"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

76
2024/9xxx/CVE-2024-9947.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9947",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ProfilePress Team",
"product": {
"product_data": [
{
"product_name": "ProfilePress Pro",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "4.11.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61b477c3-88b7-45a4-9fc4-6bca6f7c3604?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61b477c3-88b7-45a4-9fc4-6bca6f7c3604?source=cve"
},
{
"url": "https://profilepress.com/",
"refsource": "MISC",
"name": "https://profilepress.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "wesley"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH"
}
]
}