admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-23 12:00:34 +00:00
parent b747483b55
commit e61dcc1337
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 180 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2024/25xxx/CVE-2024-25102.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system.\n"
"value": "This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-326: Inadequate Encryption Strength ",
"value": "CWE-326: Inadequate Encryption Strength",
"cweId": "CWE-326"
}
]
@ -61,6 +61,9 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
@ -74,13 +77,13 @@
"value": "Upgrade to AppSamvid version 2.0.2 or later.<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://cdac.in/index.aspx?id=cs_eps_appsamvid\">https://cdac.in/index.aspx?id=cs_eps_appsamvid</a><br>"
}
],
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid https://cdac.in/index.aspx \n"
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mukund Kedia."
"value": "This vulnerability is reported by Mukund Kedia and Avinash Kumar"
}
],
"impact": {
@ -89,14 +92,14 @@
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]

9
2024/25xxx/CVE-2024-25103.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system.\n"
"value": "This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system."
}
]
},
@ -61,6 +61,9 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
@ -74,13 +77,13 @@
"value": "Upgrade to AppSamvid version 2.0.2 or later.<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://cdac.in/index.aspx?id=cs_eps_appsamvid\">https://cdac.in/index.aspx?id=cs_eps_appsamvid</a><br>"
}
],
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid https://cdac.in/index.aspx \n"
"value": "Upgrade to AppSamvid version 2.0.2 or later.\n\n https://cdac.in/index.aspx?id=cs_eps_appsamvid"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mukund Kedia."
"value": "This vulnerability is reported by Mukund Kedia and Avinash Kumar."
}
],
"impact": {

4
2024/36xxx/CVE-2024-36148.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
"value": "Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
}
]
},
@ -96,7 +96,7 @@
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",

77
2024/7xxx/CVE-2024-7735.json
View File

@ -1,18 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7735",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@usom.gov.tr",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Exnet Informatics Software Ferry Reservation System allows SQL Injection.This issue affects Ferry Reservation System: before 240805-002."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Exnet Informatics Software",
"product": {
"product_data": [
{
"product_name": "Ferry Reservation System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "240805-002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1518",
"refsource": "MISC",
"name": "https://www.usom.gov.tr/bildirim/tr-24-1518"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TR-24-1518",
"defect": [
"TR-24-1518"
],
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Ya\u011f\u0131z B\u0130LG\u0130L\u0130"
},
{
"lang": "en",
"value": "Privia Security Inc."
}
]
}

77
2024/7xxx/CVE-2024-7835.json
View File

@ -1,18 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7835",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@usom.gov.tr",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exnet Informatics Software Ferry Reservation System allows Reflected XSS.This issue affects Ferry Reservation System: before 240805-002."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Exnet Informatics Software",
"product": {
"product_data": [
{
"product_name": "Ferry Reservation System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "240805-002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1518",
"refsource": "MISC",
"name": "https://www.usom.gov.tr/bildirim/tr-24-1518"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TR-24-1518",
"defect": [
"TR-24-1518"
],
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Ya\u011f\u0131z B\u0130LG\u0130L\u0130"
},
{
"lang": "en",
"value": "Privia Security Inc."
}
]
}

18
2024/9xxx/CVE-2024-9100.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9100",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}