admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-14 15:00:35 +00:00
parent 7c673ab1e0
commit e3def7bfcb
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
14 changed files with 1208 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2023/35xxx/CVE-2023-35841.json
View File

@ -1,17 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35841",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-782 Exposed IOCTL with Insufficient Access Control",
"cweId": "CWE-782"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix",
"product": {
"product_data": [
{
"product_name": "WinFlash Driver",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.5.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.phoenix.com/security-notifications/cve-2023-35841/",
"refsource": "MISC",
"name": "https://www.phoenix.com/security-notifications/cve-2023-35841/"
},
{
"url": "https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html",
"refsource": "MISC",
"name": "https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93886750/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU93886750/index.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Takahiro Haruyama of Broadcom"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

178
2024/0xxx/CVE-2024-0762.json
View File

@ -1,17 +1,189 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Potential buffer overflow \nin unsafe UEFI variable handling \n\nin Phoenix SecureCore\u2122 for select Intel platforms\n\nThis issue affects:\n\nPhoenix \n\nSecureCore\u2122 for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998;\n\nPhoenix \n\nSecureCore\u2122 for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562;\n\nPhoenix \n\nSecureCore\u2122 for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323;\n\nPhoenix \n\nSecureCore\u2122 for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287;\n\nPhoenix \n\nSecureCore\u2122 for Intel Tiger Lake: from 4.3.0.1 before 4.3.0.236;\n\nPhoenix \n\nSecureCore\u2122 for Intel Jasper Lake: from 4.3.1.1 before 4.3.1.184;\n\nPhoenix \n\nSecureCore\u2122 for Intel Alder Lake: from 4.4.0.1 before 4.4.0.269;\n\nPhoenix \n\nSecureCore\u2122 for Intel Raptor Lake: from 4.5.0.1 before 4.5.0.218;\n\nPhoenix \n\nSecureCore\u2122 for Intel Meteor Lake: from 4.5.1.1 before 4.5.1.15.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix",
"product": {
"product_data": [
{
"product_name": "SecureCore\u2122 for Intel Kaby Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.1.1",
"version_value": "4.0.1.998"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Coffee Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.0.1",
"version_value": "4.1.0.562"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Ice Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.2.0.1",
"version_value": "4.2.0.323"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Comet Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.2.1.1",
"version_value": "4.2.1.287"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Tiger Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.3.0.1",
"version_value": "4.3.0.236"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Jasper Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.3.1.1",
"version_value": "4.3.1.184"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Alder Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.4.0.1",
"version_value": "4.4.0.269"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Raptor Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.0.1",
"version_value": "4.5.0.218"
}
]
}
},
{
"product_name": "SecureCore\u2122 for Intel Meteor Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.1.1",
"version_value": "4.5.1.15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.phoenix.com/security-notifications/cve-2024-0762/",
"refsource": "MISC",
"name": "https://www.phoenix.com/security-notifications/cve-2024-0762/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Oren Isacson from Eclypsium"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

82
2024/1xxx/CVE-2024-1598.json
View File

@ -1,17 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1598",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Potential buffer overflow \nin unsafe UEFI variable handling \n\nin Phoenix SecureCore\u2122 for Intel Gemini Lake.This issue affects:\n\nSecureCore\u2122 for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix",
"product": {
"product_data": [
{
"product_name": "SecureCore\u2122 for Intel Gemini Lake",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.1.0.1",
"version_value": "4.1.0.567"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.phoenix.com/security-notifications/cve-2024-1598/",
"refsource": "MISC",
"name": "https://www.phoenix.com/security-notifications/cve-2024-1598/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Zichuan Li from Indiana University Bloomington"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

56
2024/34xxx/CVE-2024-34256.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34256",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-34256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/ZackSecurity/VulnerReport/blob/cve/ofcms/1.md",
"url": "https://github.com/ZackSecurity/VulnerReport/blob/cve/ofcms/1.md"
}
]
}

95
2024/34xxx/CVE-2024-34355.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34355",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TYPO3 is an enterprise content management system. Starting in version 13.0.0 and prior to version 13.1.1, the history backend module is vulnerable to HTML injection. Although Content-Security-Policy headers effectively prevent JavaScript execution, adversaries can still inject malicious HTML markup. Exploiting this vulnerability requires a valid backend user account. TYPO3 version 13.1.1 fixes the problem described."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116: Improper Encoding or Escaping of Output",
"cweId": "CWE-116"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TYPO3",
"product": {
"product_data": [
{
"product_name": "typo3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 13.0.0, < 13.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc"
},
{
"url": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375"
},
{
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-007",
"refsource": "MISC",
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-007"
}
]
},
"source": {
"advisory": "GHSA-xjwx-78x7-q6jc",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

112
2024/34xxx/CVE-2024-34356.json
View File

@ -1,17 +1,121 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34356",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the form manager backend module is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to the form module. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1 fix the problem described."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TYPO3",
"product": {
"product_data": [
{
"product_name": "typo3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 9.0.0, < 9.5.48"
},
{
"version_affected": "=",
"version_value": ">= 10.0.0, < 10.4.45"
},
{
"version_affected": "=",
"version_value": ">= 11.0.0, < 11.5.37"
},
{
"version_affected": "=",
"version_value": ">= 12.0.0, < 12.4.15"
},
{
"version_affected": "=",
"version_value": ">= 13.0.0, < 13.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-v6mw-h7w6-59w3"
},
{
"url": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/2832e2f51f929aeddb5de7d667538a33ceda8156"
},
{
"url": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/d0393a879a32fb4e3569acad6bdb5cda776be1e5"
},
{
"url": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/e95a1224719efafb9cab2d85964f240fd0356e64"
},
{
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-008",
"refsource": "MISC",
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-008"
}
]
},
"source": {
"advisory": "GHSA-v6mw-h7w6-59w3",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

112
2024/34xxx/CVE-2024-34357.json
View File

@ -1,17 +1,121 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34357",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the `ShowImageController` (`_eID tx_cms_showpic_`) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TYPO3",
"product": {
"product_data": [
{
"product_name": "typo3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 9.0.0, < 9.5.48"
},
{
"version_affected": "=",
"version_value": ">= 10.0.0, < 10.4.45"
},
{
"version_affected": "=",
"version_value": ">= 11.0.0, < 11.5.37"
},
{
"version_affected": "=",
"version_value": ">= 12.0.0, < 12.4.15"
},
{
"version_affected": "=",
"version_value": ">= 13.0.0, < 13.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-hw6c-6gwq-3m3m"
},
{
"url": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/376474904f6b9a54dc1b785a2e45277cbd13b0d7"
},
{
"url": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/b31d05d1da3eeaeead2d19eb43b1c3f9c88e15ee"
},
{
"url": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/d774642381354d3bf5095a5a26e18acd2767f0b1"
},
{
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-009",
"refsource": "MISC",
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-009"
}
]
},
"source": {
"advisory": "GHSA-hw6c-6gwq-3m3m",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

121
2024/34xxx/CVE-2024-34358.json
View File

@ -1,17 +1,130 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34358",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the `ShowImageController` (`_eID tx_cms_showpic_`) lacks a cryptographic HMAC-signature on the `frame` HTTP query parameter (e.g. `/index.php?eID=tx_cms_showpic?file=3&...&frame=12345`). This allows adversaries to instruct the system to produce an arbitrary number of thumbnail images on the server side. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, 13.1.1 fix the problem described."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature",
"cweId": "CWE-347"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TYPO3",
"product": {
"product_data": [
{
"product_name": "typo3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 9.0.0, < 9.5.48"
},
{
"version_affected": "=",
"version_value": ">= 10.0.0, < 10.4.45"
},
{
"version_affected": "=",
"version_value": ">= 11.0.0, < 11.5.37"
},
{
"version_affected": "=",
"version_value": ">= 12.0.0, < 12.4.15"
},
{
"version_affected": "=",
"version_value": ">= 13.0.0, < 13.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-36g8-62qv-5957"
},
{
"url": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/05c95fed869a1a6dcca06c7077b83b6ea866ff14"
},
{
"url": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/1e70ebf736935413b0531004839362b4fb0755a5"
},
{
"url": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142",
"refsource": "MISC",
"name": "https://github.com/TYPO3/typo3/commit/df7909b6a1cf0f12a42994d0cc3376b607746142"
},
{
"url": "https://typo3.org/security/advisory/typo3-core-sa-2024-010",
"refsource": "MISC",
"name": "https://typo3.org/security/advisory/typo3-core-sa-2024-010"
}
]
},
"source": {
"advisory": "GHSA-36g8-62qv-5957",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}

90
2024/34xxx/CVE-2024-34712.json
View File

@ -1,17 +1,99 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34712",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Oceanic is a NodeJS library for interfacing with Discord. Prior to version 1.10.4, input to functions such as `Client.rest.channels.removeBan` is not url-encoded, resulting in specially crafted input such as `../../../channels/{id}` being normalized into the url `/api/v10/channels/{id}`, and deleting a channel rather than removing a ban. Version 1.10.4 fixes this issue. Some workarounds are available. One may sanitize user input, ensuring strings are valid for the purpose they are being used for. One may also encode input with `encodeURIComponent` before providing it to the library."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23: Relative Path Traversal",
"cweId": "CWE-23"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OceanicJS",
"product": {
"product_data": [
{
"product_name": "Oceanic",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.10.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/OceanicJS/Oceanic/security/advisories/GHSA-5h5v-hw44-f6gg",
"refsource": "MISC",
"name": "https://github.com/OceanicJS/Oceanic/security/advisories/GHSA-5h5v-hw44-f6gg"
},
{
"url": "https://github.com/OceanicJS/Oceanic/commit/8bf8ee8373b8c565fbdbf70a609aba4fbc1a1ffe",
"refsource": "MISC",
"name": "https://github.com/OceanicJS/Oceanic/commit/8bf8ee8373b8c565fbdbf70a609aba4fbc1a1ffe"
}
]
},
"source": {
"advisory": "GHSA-5h5v-hw44-f6gg",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

81
2024/34xxx/CVE-2024-34713.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34713",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using `sshproxy` can inject options to the `ssh` command executed by `sshproxy`. All versions of `sshproxy` are impacted. The problem is patched starting in version 1.6.3. The only workaround is to use the `force_command` option in `sshproxy.yaml`, but it's rarely relevant."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cea-hpc",
"product": {
"product_data": [
{
"product_name": "sshproxy",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.6.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cea-hpc/sshproxy/security/advisories/GHSA-jmqp-37m5-49wh",
"refsource": "MISC",
"name": "https://github.com/cea-hpc/sshproxy/security/advisories/GHSA-jmqp-37m5-49wh"
},
{
"url": "https://github.com/cea-hpc/sshproxy/commit/f7eabd05d5f0f951e160293692327cad9a7d9580",
"refsource": "MISC",
"name": "https://github.com/cea-hpc/sshproxy/commit/f7eabd05d5f0f951e160293692327cad9a7d9580"
}
]
},
"source": {
"advisory": "GHSA-jmqp-37m5-49wh",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

91
2024/34xxx/CVE-2024-34714.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-34714",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Hoppscotch Browser Extension is a browser extension for Hoppscotch, a community-driven end-to-end open-source API development ecosystem. Due to an oversight during a change made to the extension in the commit d4e8e4830326f46ba17acd1307977ecd32a85b58, a critical check for the origin list was missed and allowed for messages to be sent to the extension which the extension gladly processed and responded back with the results of, while this wasn't supposed to happen and be blocked by the origin not being present in the origin list.\n\nThis vulnerability exposes Hoppscotch Extension users to sites which call into Hoppscotch Extension APIs internally. This fundamentally allows any site running on the browser with the extension installed to bypass CORS restrictions if the user is running extensions with the given version. This security hole was patched in the commit 7e364b928ab722dc682d0fcad713a96cc38477d6 which was released along with the extension version `0.35`. As a workaround, Chrome users can use the Extensions Settings to disable the extension access to only the origins that you want. Firefox doesn't have an alternative to upgrading to a fixed version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-354: Improper Validation of Integrity Check Value",
"cweId": "CWE-354"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "hoppscotch",
"product": {
"product_data": [
{
"product_name": "hoppscotch-extension",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.28, < 0.35"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v",
"refsource": "MISC",
"name": "https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v"
},
{
"url": "https://github.com/hoppscotch/hoppscotch-extension/commit/7e364b928ab722dc682d0fcad713a96cc38477d6",
"refsource": "MISC",
"name": "https://github.com/hoppscotch/hoppscotch-extension/commit/7e364b928ab722dc682d0fcad713a96cc38477d6"
},
{
"url": "https://github.com/hoppscotch/hoppscotch-extension/commit/d4e8e4830326f46ba17acd1307977ecd32a85b58",
"refsource": "MISC",
"name": "https://github.com/hoppscotch/hoppscotch-extension/commit/d4e8e4830326f46ba17acd1307977ecd32a85b58"
},
{
"url": "https://server.yadhu.in/poc/hoppscotch-poc.html",
"refsource": "MISC",
"name": "https://server.yadhu.in/poc/hoppscotch-poc.html"
}
]
},
"source": {
"advisory": "GHSA-jjh5-pvqx-gg5v",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
]
}

95
2024/4xxx/CVE-2024-4871.json Normal file
View File

@ -0,0 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-4871",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses \"-o StrictHostKeyChecking=no\". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Key Exchange without Entity Authentication",
"cweId": "CWE-322"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Satellite 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-4871",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-4871"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278627",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2278627"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Currently there is no mitigation available for this vulnerability. Please perform the necessary updates as they become available."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}
}

18
2024/4xxx/CVE-2024-4872.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4872",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/4xxx/CVE-2024-4873.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4873",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}