admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-27 07:00:32 +00:00
parent da1c61f7d2
commit d3af273d46
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
13 changed files with 372 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2024/45xxx/CVE-2024-45346.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code."
"value": "The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life."
}
]
},
@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
@ -80,7 +81,7 @@
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [

78
2024/45xxx/CVE-2024-45353.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-45353",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@xiaomi.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An intent redriction vulnerability exists in the Xiaomi quick App framework application product. The vulnerability is caused by improper input validation and can be exploited by attackers tointent redriction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error",
"cweId": "CWE-346"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Xiaomi",
"product": {
"product_data": [
{
"product_name": "quick app framework",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "quick app framework 1.30.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=551",
"refsource": "MISC",
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=551"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

78
2024/45xxx/CVE-2024-45354.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-45354",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@xiaomi.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A code execution vulnerability exists in the Xiaomi shop applicationproduct. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error",
"cweId": "CWE-346"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Xiaomi",
"product": {
"product_data": [
{
"product_name": "Xiaomi shop application",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Xiaomi shop application 5.30.0.20241103.r1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=552",
"refsource": "MISC",
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=552"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

78
2024/45xxx/CVE-2024-45355.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-45355",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@xiaomi.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Xiaomi",
"product": {
"product_data": [
{
"product_name": "Xiaomi phone framework",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Xiaomi phone framework 14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=553",
"refsource": "MISC",
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=553"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

317
2025/2xxx/CVE-2025-2720.json
View File

@ -5,326 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2025-2720",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in GNOME libgsf up to 1.14.53 and classified as problematic. Affected by this issue is the function gsf_base64_encode_simple. The manipulation of the argument size leads to use of uninitialized variable. The attack needs to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in GNOME libgsf bis 1.14.53 gefunden. Sie wurde als problematisch eingestuft. Davon betroffen ist die Funktion gsf_base64_encode_simple. Dank der Manipulation des Arguments size mit unbekannten Daten kann eine use of uninitialized variable-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Uninitialized Variable",
"cweId": "CWE-457"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Insecure Default Variable Initialization",
"cweId": "CWE-453"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GNOME",
"product": {
"product_data": [
{
"product_name": "libgsf",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.14.0"
},
{
"version_affected": "=",
"version_value": "1.14.1"
},
{
"version_affected": "=",
"version_value": "1.14.2"
},
{
"version_affected": "=",
"version_value": "1.14.3"
},
{
"version_affected": "=",
"version_value": "1.14.4"
},
{
"version_affected": "=",
"version_value": "1.14.5"
},
{
"version_affected": "=",
"version_value": "1.14.6"
},
{
"version_affected": "=",
"version_value": "1.14.7"
},
{
"version_affected": "=",
"version_value": "1.14.8"
},
{
"version_affected": "=",
"version_value": "1.14.9"
},
{
"version_affected": "=",
"version_value": "1.14.10"
},
{
"version_affected": "=",
"version_value": "1.14.11"
},
{
"version_affected": "=",
"version_value": "1.14.12"
},
{
"version_affected": "=",
"version_value": "1.14.13"
},
{
"version_affected": "=",
"version_value": "1.14.14"
},
{
"version_affected": "=",
"version_value": "1.14.15"
},
{
"version_affected": "=",
"version_value": "1.14.16"
},
{
"version_affected": "=",
"version_value": "1.14.17"
},
{
"version_affected": "=",
"version_value": "1.14.18"
},
{
"version_affected": "=",
"version_value": "1.14.19"
},
{
"version_affected": "=",
"version_value": "1.14.20"
},
{
"version_affected": "=",
"version_value": "1.14.21"
},
{
"version_affected": "=",
"version_value": "1.14.22"
},
{
"version_affected": "=",
"version_value": "1.14.23"
},
{
"version_affected": "=",
"version_value": "1.14.24"
},
{
"version_affected": "=",
"version_value": "1.14.25"
},
{
"version_affected": "=",
"version_value": "1.14.26"
},
{
"version_affected": "=",
"version_value": "1.14.27"
},
{
"version_affected": "=",
"version_value": "1.14.28"
},
{
"version_affected": "=",
"version_value": "1.14.29"
},
{
"version_affected": "=",
"version_value": "1.14.30"
},
{
"version_affected": "=",
"version_value": "1.14.31"
},
{
"version_affected": "=",
"version_value": "1.14.32"
},
{
"version_affected": "=",
"version_value": "1.14.33"
},
{
"version_affected": "=",
"version_value": "1.14.34"
},
{
"version_affected": "=",
"version_value": "1.14.35"
},
{
"version_affected": "=",
"version_value": "1.14.36"
},
{
"version_affected": "=",
"version_value": "1.14.37"
},
{
"version_affected": "=",
"version_value": "1.14.38"
},
{
"version_affected": "=",
"version_value": "1.14.39"
},
{
"version_affected": "=",
"version_value": "1.14.40"
},
{
"version_affected": "=",
"version_value": "1.14.41"
},
{
"version_affected": "=",
"version_value": "1.14.42"
},
{
"version_affected": "=",
"version_value": "1.14.43"
},
{
"version_affected": "=",
"version_value": "1.14.44"
},
{
"version_affected": "=",
"version_value": "1.14.45"
},
{
"version_affected": "=",
"version_value": "1.14.46"
},
{
"version_affected": "=",
"version_value": "1.14.47"
},
{
"version_affected": "=",
"version_value": "1.14.48"
},
{
"version_affected": "=",
"version_value": "1.14.49"
},
{
"version_affected": "=",
"version_value": "1.14.50"
},
{
"version_affected": "=",
"version_value": "1.14.51"
},
{
"version_affected": "=",
"version_value": "1.14.52"
},
{
"version_affected": "=",
"version_value": "1.14.53"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.300740",
"refsource": "MISC",
"name": "https://vuldb.com/?id.300740"
},
{
"url": "https://vuldb.com/?ctiid.300740",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.300740"
},
{
"url": "https://vuldb.com/?submit.520180",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.520180"
},
{
"url": "https://www.gnome.org/",
"refsource": "MISC",
"name": "https://www.gnome.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "ninpwn (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: According to the code maintainer the call of the POC is invalid because the buffer pointed to by \"data\" must have \"len\" valid bytes. The docs were updated to make that clear."
}
]
}

18
2025/2xxx/CVE-2025-2845.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2846.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2846",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2847.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2847",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2848.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2848",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2849.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2849",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2850.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2851.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2851",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2852.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2852",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}