mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
170f63f417
commit
d819e4c60d
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "bd554ed4fdc3"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.145",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "5c0df9d30c28"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.145",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -109,6 +119,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "017d85c94f02"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.145",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -109,6 +119,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "694e13732e83"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.135",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -109,6 +119,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "c77fd3e25a51"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.145",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -109,6 +119,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "a585faf05915"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.150",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "ee8db6475cb1"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.150",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "aaf0a07d6088"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.140",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,106 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-11991",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Motoko's incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister's memory. However, exploiting this bug requires the Canister to enable the incremental garbage collector or enhanced orthogonal persistence, which are non-default features in Motoko."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-908 Use of Uninitialized Resource",
|
||||
"cweId": "CWE-908"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Internet Computer",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Motoko",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "0.9.0",
|
||||
"version_value": "0.13.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/dfinity/motoko/pull/4677",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/dfinity/motoko/pull/4677"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/dfinity/motoko/security/advisories/GHSA-9rhg-3qf8-hrv3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/dfinity/motoko/security/advisories/GHSA-9rhg-3qf8-hrv3"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "en",
|
||||
"supportingMedia": [
|
||||
{
|
||||
"base64": false,
|
||||
"type": "text/html",
|
||||
"value": "<p>Disable incremental garbage collector and enhanced orthogonal persistence. i.e. do <strong>not compile</strong> with <i>\u2014incremental-gc</i> or <i>--enhanced-orthogonal-persistence</i> options.</p>"
|
||||
}
|
||||
],
|
||||
"value": "Disable incremental garbage collector and enhanced orthogonal persistence. i.e. do not compile\u00a0with\u00a0\u2014incremental-gc or --enhanced-orthogonal-persistence options."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.6,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/12xxx/CVE-2024-12366.json
Normal file
18
2024/12xxx/CVE-2024-12366.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-12366",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/12xxx/CVE-2024-12367.json
Normal file
18
2024/12xxx/CVE-2024-12367.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-12367",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/12xxx/CVE-2024-12368.json
Normal file
18
2024/12xxx/CVE-2024-12368.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-12368",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "dd1de9268745"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.149",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "88b7f1143b15"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.157",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "8f3d0bf1d0c6"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.159",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "ad6480c9a5d8"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.119",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "d70c2e0904ab"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.119",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "da2140137260"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.159",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -120,6 +130,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "8c77398c7261"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.19",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
@ -98,6 +108,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "e3ec7017f6a2",
|
||||
"version_value": "b34d64e9aa55"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.16",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.16",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.27",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
@ -98,6 +108,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "e23a904dfeb5"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.8.10",
|
||||
"lessThanOrEqual": "6.8.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,88 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-38485",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@dell.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')",
|
||||
"cweId": "CWE-601"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Dell",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "ECS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "N/A",
|
||||
"version_value": "3.8.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.dell.com/support/kbdoc/en-us/000256185/dsa-2024-331-security-update-for-dell-ecs-host-header-injection-vulnerability",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.dell.com/support/kbdoc/en-us/000256185/dsa-2024-331-security-update-for-dell-ecs-host-header-injection-vulnerability"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "35652dfa8cc9"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.164",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
@ -131,6 +141,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "66cf853e1c7a"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.100",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
@ -109,6 +119,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "cc796a77985d"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.8",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "79d54ddf0e29"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.8",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "76ec0e337072"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.8",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "583ce246c7ff"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.8",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "e3ec7017f6a2",
|
||||
"version_value": "ce4ba62f8bc5"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.16",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.16",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.9",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "0888d15ea45b"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.9.9",
|
||||
"lessThanOrEqual": "6.9.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-42426",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@dell.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-400: Uncontrolled Resource Consumption",
|
||||
"cweId": "CWE-400"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Dell",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "PowerScale OneFS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.5.0.0",
|
||||
"version_value": "9.7.1.2"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "9.8.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "458bb83119df"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.10.5",
|
||||
"lessThanOrEqual": "6.10.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "ab3a769b4dcc",
|
||||
"version_value": "4d9adcb94d55"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.4",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.4",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.46",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
@ -98,6 +108,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "b1c9fbed3884"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.10.7",
|
||||
"lessThanOrEqual": "6.10.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "bb706e92c87b"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.10.9",
|
||||
"lessThanOrEqual": "6.10.*",
|
||||
@ -87,6 +97,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "07f384c5be1f"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.51",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
@ -98,6 +108,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "ab3a769b4dcc",
|
||||
"version_value": "013dae4735d2"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.4",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.4",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.51",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
@ -98,6 +108,6 @@
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "bippy-9e1c9544281a"
|
||||
"engine": "bippy-8e903de6a542"
|
||||
}
|
||||
}
|
||||
@ -1,17 +1,94 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-49600",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@dell.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of Privileges."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-284: Improper Access Control",
|
||||
"cweId": "CWE-284"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Dell",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Dell Power Manager (DPM)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "N/A",
|
||||
"version_value": "3.17"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.dell.com/support/kbdoc/en-us/000244438/dsa-2024-439",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.dell.com/support/kbdoc/en-us/000244438/dsa-2024-439"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Dell Technologies would like to thank TsungShu Chiu (CHT Security) for reporting this issue."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,102 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-49602",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@dell.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-765: Multiple Unlocks of a Critical Resource",
|
||||
"cweId": "CWE-765"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Dell",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "PowerScale OneFS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "8.2.2.x",
|
||||
"version_value": "9.7.1.2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.4.0.0",
|
||||
"version_value": "9.4.0.19"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.5.0.0",
|
||||
"version_value": "9.5.1.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "9.8.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-49603",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secure@dell.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-687: Function Call With Incorrectly Specified Argument Value",
|
||||
"cweId": "CWE-687"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Dell",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "PowerScale OneFS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "8.2.2.x",
|
||||
"version_value": "9.7.1.2"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "9.8.0.0",
|
||||
"version_value": "9.9.0.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.2.0"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "e3ec7017f6a2",
|
||||
"version_value": "83c84cdb7557"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.16",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.16",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.10.14",
|
||||
"lessThanOrEqual": "6.10.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "e3ec7017f6a2",
|
||||
"version_value": "fdc73f2cfbe8"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.16",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.16",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.55",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "18f06bacc197"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.55",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "c940627857ee"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.10.14",
|
||||
"lessThanOrEqual": "6.10.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "0f62358ce85b"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.171",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "bcb5be342170"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.11.4",
|
||||
"lessThanOrEqual": "6.11.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "d1ac7e262030"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.119",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "509c1c6b499a"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.118",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "60fb94ef46c2"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.171",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "47e8a17491e3"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.171",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "e91fbb21f248"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.60",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "e5ae78590086"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "5.15.171",
|
||||
"lessThanOrEqual": "5.15.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "4534a70b7056",
|
||||
"version_value": "22cdf3be7d34"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.60",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "f7557bbca40d"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.117",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "1f993777275c"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.6.61",
|
||||
"lessThanOrEqual": "6.6.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "0626e6641f6b",
|
||||
"version_value": "f56446ba5378"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "5.15",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "5.15",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.1.117",
|
||||
"lessThanOrEqual": "6.1.*",
|
||||
|
||||
@ -40,13 +40,23 @@
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1da177e4c3f4",
|
||||
"version_name": "dd08ebf6c352",
|
||||
"version_value": "5d623ffbae96"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.8",
|
||||
"status": "affected"
|
||||
},
|
||||
{
|
||||
"version": "0",
|
||||
"lessThan": "6.8",
|
||||
"status": "unaffected",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"version": "6.11.9",
|
||||
"lessThanOrEqual": "6.11.*",
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-54919",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-54919",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary java script via the filename parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/XSS%20by%20File%20Upload%20-%20Update%20Avatar.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/XSS%20by%20File%20Upload%20-%20Update%20Avatar.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-54920",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-54920",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A SQL Injection vulnerability was found in the /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and class_id parameters."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/SQL%20Injection%20-%20Signup%20teacher.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/SQL%20Injection%20-%20Signup%20teacher.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-54929",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-54929",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/SQL%20Injection%20-%20delete%20subject.pdf",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/SQL%20Injection%20-%20delete%20subject.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/55xxx/CVE-2024-55601.json
Normal file
18
2024/55xxx/CVE-2024-55601.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-55601",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/55xxx/CVE-2024-55602.json
Normal file
18
2024/55xxx/CVE-2024-55602.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-55602",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/55xxx/CVE-2024-55603.json
Normal file
18
2024/55xxx/CVE-2024-55603.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-55603",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/55xxx/CVE-2024-55604.json
Normal file
18
2024/55xxx/CVE-2024-55604.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-55604",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/55xxx/CVE-2024-55605.json
Normal file
18
2024/55xxx/CVE-2024-55605.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-55605",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user