admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-24 20:00:36 +00:00
parent ba5e614bcf
commit ffbe74bf84
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 2994 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/26xxx/CVE-2023-26756.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.esecforte.com/login-page-brute-force-attack/",
"url": "https://www.esecforte.com/login-page-brute-force-attack/"
},
{
"refsource": "FULLDISC",
"name": "20240424 Response to CVE-2023-26756 - Revive Adserver",
"url": "http://seclists.org/fulldisclosure/2024/Apr/27"
}
]
}

746
2024/20xxx/CVE-2024-20295.json
View File

@ -1,17 +1,755 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20295",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Standalone)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0(1c)"
},
{
"version_affected": "=",
"version_value": "3.0(1d)"
},
{
"version_affected": "=",
"version_value": "3.0(2b)"
},
{
"version_affected": "=",
"version_value": "3.0(3a)"
},
{
"version_affected": "=",
"version_value": "3.0(3b)"
},
{
"version_affected": "=",
"version_value": "3.0(3c)"
},
{
"version_affected": "=",
"version_value": "3.0(3e)"
},
{
"version_affected": "=",
"version_value": "3.0(3f)"
},
{
"version_affected": "=",
"version_value": "3.0(4a)"
},
{
"version_affected": "=",
"version_value": "3.0(4d)"
},
{
"version_affected": "=",
"version_value": "3.0(4e)"
},
{
"version_affected": "=",
"version_value": "3.0(4i)"
},
{
"version_affected": "=",
"version_value": "3.0(4j)"
},
{
"version_affected": "=",
"version_value": "3.0(4k)"
},
{
"version_affected": "=",
"version_value": "3.0(4l)"
},
{
"version_affected": "=",
"version_value": "3.0(4m)"
},
{
"version_affected": "=",
"version_value": "3.0(4n)"
},
{
"version_affected": "=",
"version_value": "3.0(4o)"
},
{
"version_affected": "=",
"version_value": "3.0(4p)"
},
{
"version_affected": "=",
"version_value": "3.0(4q)"
},
{
"version_affected": "=",
"version_value": "3.0(4r)"
},
{
"version_affected": "=",
"version_value": "3.0(4s)"
},
{
"version_affected": "=",
"version_value": "2.0(10b)"
},
{
"version_affected": "=",
"version_value": "2.0(10c)"
},
{
"version_affected": "=",
"version_value": "2.0(10e)"
},
{
"version_affected": "=",
"version_value": "2.0(10f)"
},
{
"version_affected": "=",
"version_value": "2.0(10g)"
},
{
"version_affected": "=",
"version_value": "2.0(10h)"
},
{
"version_affected": "=",
"version_value": "2.0(10i)"
},
{
"version_affected": "=",
"version_value": "2.0(10k)"
},
{
"version_affected": "=",
"version_value": "2.0(10l)"
},
{
"version_affected": "=",
"version_value": "2.0(12b)"
},
{
"version_affected": "=",
"version_value": "2.0(12c)"
},
{
"version_affected": "=",
"version_value": "2.0(12d)"
},
{
"version_affected": "=",
"version_value": "2.0(12e)"
},
{
"version_affected": "=",
"version_value": "2.0(12f)"
},
{
"version_affected": "=",
"version_value": "2.0(12g)"
},
{
"version_affected": "=",
"version_value": "2.0(12h)"
},
{
"version_affected": "=",
"version_value": "2.0(12i)"
},
{
"version_affected": "=",
"version_value": "2.0(13e)"
},
{
"version_affected": "=",
"version_value": "2.0(13f)"
},
{
"version_affected": "=",
"version_value": "2.0(13h)"
},
{
"version_affected": "=",
"version_value": "2.0(13i)"
},
{
"version_affected": "=",
"version_value": "2.0(13k)"
},
{
"version_affected": "=",
"version_value": "2.0(13n)"
},
{
"version_affected": "=",
"version_value": "2.0(13o)"
},
{
"version_affected": "=",
"version_value": "2.0(13p)"
},
{
"version_affected": "=",
"version_value": "2.0(13q)"
},
{
"version_affected": "=",
"version_value": "2.0(1a)"
},
{
"version_affected": "=",
"version_value": "2.0(1b)"
},
{
"version_affected": "=",
"version_value": "2.0(3d)1"
},
{
"version_affected": "=",
"version_value": "2.0(3d)2"
},
{
"version_affected": "=",
"version_value": "2.0(3e)1"
},
{
"version_affected": "=",
"version_value": "2.0(3f)3"
},
{
"version_affected": "=",
"version_value": "2.0(3i)"
},
{
"version_affected": "=",
"version_value": "2.0(3j)1"
},
{
"version_affected": "=",
"version_value": "2.0(4c)"
},
{
"version_affected": "=",
"version_value": "2.0(4c)1"
},
{
"version_affected": "=",
"version_value": "2.0(6d)"
},
{
"version_affected": "=",
"version_value": "2.0(6f)"
},
{
"version_affected": "=",
"version_value": "2.0(8d)"
},
{
"version_affected": "=",
"version_value": "2.0(8e)"
},
{
"version_affected": "=",
"version_value": "2.0(8g)"
},
{
"version_affected": "=",
"version_value": "2.0(8h)"
},
{
"version_affected": "=",
"version_value": "2.0(9c)"
},
{
"version_affected": "=",
"version_value": "2.0(9e)"
},
{
"version_affected": "=",
"version_value": "2.0(9f)"
},
{
"version_affected": "=",
"version_value": "2.0(9l)"
},
{
"version_affected": "=",
"version_value": "2.0(9m)"
},
{
"version_affected": "=",
"version_value": "2.0(9n)"
},
{
"version_affected": "=",
"version_value": "2.0(9o)"
},
{
"version_affected": "=",
"version_value": "2.0(9p)"
},
{
"version_affected": "=",
"version_value": "3.1(1d)"
},
{
"version_affected": "=",
"version_value": "3.1(2b)"
},
{
"version_affected": "=",
"version_value": "3.1(2c)"
},
{
"version_affected": "=",
"version_value": "3.1(2d)"
},
{
"version_affected": "=",
"version_value": "3.1(2e)"
},
{
"version_affected": "=",
"version_value": "3.1(2g)"
},
{
"version_affected": "=",
"version_value": "3.1(2i)"
},
{
"version_affected": "=",
"version_value": "3.1(3a)"
},
{
"version_affected": "=",
"version_value": "3.1(3b)"
},
{
"version_affected": "=",
"version_value": "3.1(3c)"
},
{
"version_affected": "=",
"version_value": "3.1(3d)"
},
{
"version_affected": "=",
"version_value": "3.1(3g)"
},
{
"version_affected": "=",
"version_value": "3.1(3h)"
},
{
"version_affected": "=",
"version_value": "3.1(3i)"
},
{
"version_affected": "=",
"version_value": "3.1(3j)"
},
{
"version_affected": "=",
"version_value": "3.1(3k)"
},
{
"version_affected": "=",
"version_value": "4.0(1.240)"
},
{
"version_affected": "=",
"version_value": "4.0(1a)"
},
{
"version_affected": "=",
"version_value": "4.0(1b)"
},
{
"version_affected": "=",
"version_value": "4.0(1c)"
},
{
"version_affected": "=",
"version_value": "4.0(1d)"
},
{
"version_affected": "=",
"version_value": "4.0(1e)"
},
{
"version_affected": "=",
"version_value": "4.0(1g)"
},
{
"version_affected": "=",
"version_value": "4.0(1h)"
},
{
"version_affected": "=",
"version_value": "4.0(2c)"
},
{
"version_affected": "=",
"version_value": "4.0(2d)"
},
{
"version_affected": "=",
"version_value": "4.0(2f)"
},
{
"version_affected": "=",
"version_value": "4.0(2g)"
},
{
"version_affected": "=",
"version_value": "4.0(2h)"
},
{
"version_affected": "=",
"version_value": "4.0(2i)"
},
{
"version_affected": "=",
"version_value": "4.0(2l)"
},
{
"version_affected": "=",
"version_value": "4.0(2n)"
},
{
"version_affected": "=",
"version_value": "4.0(4b)"
},
{
"version_affected": "=",
"version_value": "4.0(4c)"
},
{
"version_affected": "=",
"version_value": "4.0(4d)"
},
{
"version_affected": "=",
"version_value": "4.0(4e)"
},
{
"version_affected": "=",
"version_value": "4.0(4f)"
},
{
"version_affected": "=",
"version_value": "4.0(4h)"
},
{
"version_affected": "=",
"version_value": "4.0(4i)"
},
{
"version_affected": "=",
"version_value": "4.0(4k)"
},
{
"version_affected": "=",
"version_value": "4.0(4l)"
},
{
"version_affected": "=",
"version_value": "4.0(4m)"
},
{
"version_affected": "=",
"version_value": "4.0(2o)"
},
{
"version_affected": "=",
"version_value": "4.0(2p)"
},
{
"version_affected": "=",
"version_value": "4.0(4n)"
},
{
"version_affected": "=",
"version_value": "4.0(2q)"
},
{
"version_affected": "=",
"version_value": "4.0(2r)"
},
{
"version_affected": "=",
"version_value": "4.1(1c)"
},
{
"version_affected": "=",
"version_value": "4.1(1d)"
},
{
"version_affected": "=",
"version_value": "4.1(1f)"
},
{
"version_affected": "=",
"version_value": "4.1(1g)"
},
{
"version_affected": "=",
"version_value": "4.1(2a)"
},
{
"version_affected": "=",
"version_value": "4.1(1h)"
},
{
"version_affected": "=",
"version_value": "4.1(2b)"
},
{
"version_affected": "=",
"version_value": "4.1(2f)"
},
{
"version_affected": "=",
"version_value": "4.1(2e)"
},
{
"version_affected": "=",
"version_value": "4.1(3b)"
},
{
"version_affected": "=",
"version_value": "4.1(2d)"
},
{
"version_affected": "=",
"version_value": "4.1(3c)"
},
{
"version_affected": "=",
"version_value": "4.1(3d)"
},
{
"version_affected": "=",
"version_value": "4.1(2g)"
},
{
"version_affected": "=",
"version_value": "4.1(3f)"
},
{
"version_affected": "=",
"version_value": "4.1(2h)"
},
{
"version_affected": "=",
"version_value": "4.1(2j)"
},
{
"version_affected": "=",
"version_value": "4.1(2k)"
},
{
"version_affected": "=",
"version_value": "4.1(2l)"
},
{
"version_affected": "=",
"version_value": "4.1(3h)"
},
{
"version_affected": "=",
"version_value": "4.1(3i)"
},
{
"version_affected": "=",
"version_value": "4.1(3l)"
},
{
"version_affected": "=",
"version_value": "4.2(1a)"
},
{
"version_affected": "=",
"version_value": "4.2(1b)"
},
{
"version_affected": "=",
"version_value": "4.2(1c)"
},
{
"version_affected": "=",
"version_value": "4.2(1e)"
},
{
"version_affected": "=",
"version_value": "4.2(1f)"
},
{
"version_affected": "=",
"version_value": "4.2(1g)"
},
{
"version_affected": "=",
"version_value": "4.2(1i)"
},
{
"version_affected": "=",
"version_value": "4.2(1j)"
},
{
"version_affected": "=",
"version_value": "4.2(2a)"
},
{
"version_affected": "=",
"version_value": "4.2(2f)"
},
{
"version_affected": "=",
"version_value": "4.2(2g)"
},
{
"version_affected": "=",
"version_value": "4.2(3b)"
},
{
"version_affected": "=",
"version_value": "4.2(3d)"
},
{
"version_affected": "=",
"version_value": "4.2(3e)"
},
{
"version_affected": "=",
"version_value": "4.2(3g)"
},
{
"version_affected": "=",
"version_value": "4.2(3h)"
},
{
"version_affected": "=",
"version_value": "4.2(3i)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230097)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230124)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230138)"
},
{
"version_affected": "=",
"version_value": "4.3(2.230207)"
},
{
"version_affected": "=",
"version_value": "4.3(2.230270)"
}
]
}
},
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ"
}
]
},
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-mUx4c5AJ",
"discovery": "EXTERNAL",
"defects": [
"CSCwi12864",
"CSCwi29799",
"CSCwi10842"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}
]
}

711
2024/20xxx/CVE-2024-20356.json
View File

@ -1,17 +1,720 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20356",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to elevate their privileges to root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Standalone)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0(1c)"
},
{
"version_affected": "=",
"version_value": "3.0(1d)"
},
{
"version_affected": "=",
"version_value": "3.0(3a)"
},
{
"version_affected": "=",
"version_value": "3.0(3b)"
},
{
"version_affected": "=",
"version_value": "3.0(3e)"
},
{
"version_affected": "=",
"version_value": "3.0(4a)"
},
{
"version_affected": "=",
"version_value": "3.0(4d)"
},
{
"version_affected": "=",
"version_value": "3.0(4e)"
},
{
"version_affected": "=",
"version_value": "3.0(4i)"
},
{
"version_affected": "=",
"version_value": "3.0(4j)"
},
{
"version_affected": "=",
"version_value": "3.0(4k)"
},
{
"version_affected": "=",
"version_value": "3.0(4l)"
},
{
"version_affected": "=",
"version_value": "3.0(4m)"
},
{
"version_affected": "=",
"version_value": "3.0(4n)"
},
{
"version_affected": "=",
"version_value": "3.0(4o)"
},
{
"version_affected": "=",
"version_value": "3.0(4p)"
},
{
"version_affected": "=",
"version_value": "3.0(4q)"
},
{
"version_affected": "=",
"version_value": "3.0(4r)"
},
{
"version_affected": "=",
"version_value": "3.0(4s)"
},
{
"version_affected": "=",
"version_value": "3.1(1d)"
},
{
"version_affected": "=",
"version_value": "3.1(2b)"
},
{
"version_affected": "=",
"version_value": "3.1(2c)"
},
{
"version_affected": "=",
"version_value": "3.1(2d)"
},
{
"version_affected": "=",
"version_value": "3.1(2e)"
},
{
"version_affected": "=",
"version_value": "3.1(2g)"
},
{
"version_affected": "=",
"version_value": "3.1(2i)"
},
{
"version_affected": "=",
"version_value": "3.1(3a)"
},
{
"version_affected": "=",
"version_value": "3.1(3b)"
},
{
"version_affected": "=",
"version_value": "3.1(3c)"
},
{
"version_affected": "=",
"version_value": "3.1(3d)"
},
{
"version_affected": "=",
"version_value": "3.1(3g)"
},
{
"version_affected": "=",
"version_value": "3.1(3h)"
},
{
"version_affected": "=",
"version_value": "3.1(3i)"
},
{
"version_affected": "=",
"version_value": "3.1(3j)"
},
{
"version_affected": "=",
"version_value": "3.1(3k)"
},
{
"version_affected": "=",
"version_value": "4.0(1.240)"
},
{
"version_affected": "=",
"version_value": "4.0(1a)"
},
{
"version_affected": "=",
"version_value": "4.0(1b)"
},
{
"version_affected": "=",
"version_value": "4.0(1c)"
},
{
"version_affected": "=",
"version_value": "4.0(1d)"
},
{
"version_affected": "=",
"version_value": "4.0(1e)"
},
{
"version_affected": "=",
"version_value": "4.0(1g)"
},
{
"version_affected": "=",
"version_value": "4.0(1h)"
},
{
"version_affected": "=",
"version_value": "4.0(2c)"
},
{
"version_affected": "=",
"version_value": "4.0(2d)"
},
{
"version_affected": "=",
"version_value": "4.0(2f)"
},
{
"version_affected": "=",
"version_value": "4.0(2g)"
},
{
"version_affected": "=",
"version_value": "4.0(2h)"
},
{
"version_affected": "=",
"version_value": "4.0(2i)"
},
{
"version_affected": "=",
"version_value": "4.0(2k)"
},
{
"version_affected": "=",
"version_value": "4.0(2l)"
},
{
"version_affected": "=",
"version_value": "4.0(2m)"
},
{
"version_affected": "=",
"version_value": "4.0(2n)"
},
{
"version_affected": "=",
"version_value": "4.0(4b)"
},
{
"version_affected": "=",
"version_value": "4.0(4c)"
},
{
"version_affected": "=",
"version_value": "4.0(4d)"
},
{
"version_affected": "=",
"version_value": "4.0(4e)"
},
{
"version_affected": "=",
"version_value": "4.0(4f)"
},
{
"version_affected": "=",
"version_value": "4.0(4h)"
},
{
"version_affected": "=",
"version_value": "4.0(4i)"
},
{
"version_affected": "=",
"version_value": "4.0(4j)"
},
{
"version_affected": "=",
"version_value": "4.0(4k)"
},
{
"version_affected": "=",
"version_value": "4.0(4l)"
},
{
"version_affected": "=",
"version_value": "4.0(4m)"
},
{
"version_affected": "=",
"version_value": "4.0(2o)"
},
{
"version_affected": "=",
"version_value": "4.0(2p)"
},
{
"version_affected": "=",
"version_value": "4.0(4n)"
},
{
"version_affected": "=",
"version_value": "4.0(2q)"
},
{
"version_affected": "=",
"version_value": "4.0(2r)"
},
{
"version_affected": "=",
"version_value": "4.1(1c)"
},
{
"version_affected": "=",
"version_value": "4.1(1d)"
},
{
"version_affected": "=",
"version_value": "4.1(1f)"
},
{
"version_affected": "=",
"version_value": "4.1(1g)"
},
{
"version_affected": "=",
"version_value": "4.1(2a)"
},
{
"version_affected": "=",
"version_value": "4.1(1h)"
},
{
"version_affected": "=",
"version_value": "4.1(2b)"
},
{
"version_affected": "=",
"version_value": "4.1(2f)"
},
{
"version_affected": "=",
"version_value": "4.1(2e)"
},
{
"version_affected": "=",
"version_value": "4.1(3b)"
},
{
"version_affected": "=",
"version_value": "4.1(2d)"
},
{
"version_affected": "=",
"version_value": "4.1(3c)"
},
{
"version_affected": "=",
"version_value": "4.1(3d)"
},
{
"version_affected": "=",
"version_value": "4.1(2g)"
},
{
"version_affected": "=",
"version_value": "4.1(3f)"
},
{
"version_affected": "=",
"version_value": "4.1(2h)"
},
{
"version_affected": "=",
"version_value": "4.1(2j)"
},
{
"version_affected": "=",
"version_value": "4.1(2k)"
},
{
"version_affected": "=",
"version_value": "4.1(2l)"
},
{
"version_affected": "=",
"version_value": "4.1(3g)"
},
{
"version_affected": "=",
"version_value": "4.1(3h)"
},
{
"version_affected": "=",
"version_value": "4.1(3i)"
},
{
"version_affected": "=",
"version_value": "4.1(3l)"
},
{
"version_affected": "=",
"version_value": "4.1(2m)"
},
{
"version_affected": "=",
"version_value": "4.1(3m)"
},
{
"version_affected": "=",
"version_value": "4.2(1a)"
},
{
"version_affected": "=",
"version_value": "4.2(1b)"
},
{
"version_affected": "=",
"version_value": "4.2(1c)"
},
{
"version_affected": "=",
"version_value": "4.2(1e)"
},
{
"version_affected": "=",
"version_value": "4.2(1f)"
},
{
"version_affected": "=",
"version_value": "4.2(1g)"
},
{
"version_affected": "=",
"version_value": "4.2(1i)"
},
{
"version_affected": "=",
"version_value": "4.2(1j)"
},
{
"version_affected": "=",
"version_value": "4.2(2a)"
},
{
"version_affected": "=",
"version_value": "4.2(2f)"
},
{
"version_affected": "=",
"version_value": "4.2(2g)"
},
{
"version_affected": "=",
"version_value": "4.2(3b)"
},
{
"version_affected": "=",
"version_value": "4.2(3d)"
},
{
"version_affected": "=",
"version_value": "4.2(3e)"
},
{
"version_affected": "=",
"version_value": "4.2(3g)"
},
{
"version_affected": "=",
"version_value": "4.2(3h)"
},
{
"version_affected": "=",
"version_value": "4.2(3i)"
},
{
"version_affected": "=",
"version_value": "4.2(3j)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230097)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230124)"
},
{
"version_affected": "=",
"version_value": "4.3(1.230138)"
},
{
"version_affected": "=",
"version_value": "4.3(2.230207)"
},
{
"version_affected": "=",
"version_value": "4.3(2.230270)"
},
{
"version_affected": "=",
"version_value": "4.3(2.240002)"
},
{
"version_affected": "=",
"version_value": "4.3(3.240022)"
}
]
}
},
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1.0"
},
{
"version_affected": "=",
"version_value": "2.4.0"
},
{
"version_affected": "=",
"version_value": "2.4.1"
},
{
"version_affected": "=",
"version_value": "2.4.2"
},
{
"version_affected": "=",
"version_value": "3.2.1"
},
{
"version_affected": "=",
"version_value": "3.2.2"
},
{
"version_affected": "=",
"version_value": "3.2.3"
},
{
"version_affected": "=",
"version_value": "3.2.4"
},
{
"version_affected": "=",
"version_value": "3.2.6"
},
{
"version_affected": "=",
"version_value": "3.2.7"
},
{
"version_affected": "=",
"version_value": "3.2.10"
},
{
"version_affected": "=",
"version_value": "3.2.11.1"
},
{
"version_affected": "=",
"version_value": "3.2.8"
},
{
"version_affected": "=",
"version_value": "3.2.11.3"
},
{
"version_affected": "=",
"version_value": "3.2.11.5"
},
{
"version_affected": "=",
"version_value": "3.2.12.2"
},
{
"version_affected": "=",
"version_value": "3.2.13.6"
},
{
"version_affected": "=",
"version_value": "3.2.14"
},
{
"version_affected": "=",
"version_value": "3.2.15"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.2"
},
{
"version_affected": "=",
"version_value": "3.1.3"
},
{
"version_affected": "=",
"version_value": "3.1.4"
},
{
"version_affected": "=",
"version_value": "3.1.5"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.1"
},
{
"version_affected": "=",
"version_value": "3.0.2"
},
{
"version_affected": "=",
"version_value": "2.3.1"
},
{
"version_affected": "=",
"version_value": "2.3.2"
},
{
"version_affected": "=",
"version_value": "2.3.3"
},
{
"version_affected": "=",
"version_value": "2.3.5"
},
{
"version_affected": "=",
"version_value": "2.2.1"
},
{
"version_affected": "=",
"version_value": "2.2.2"
},
{
"version_affected": "=",
"version_value": "2.0.0"
},
{
"version_affected": "=",
"version_value": "4.11.1"
},
{
"version_affected": "=",
"version_value": "4.12.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb"
}
]
},
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-bLuPcb",
"discovery": "EXTERNAL",
"defects": [
"CSCwi43005",
"CSCwj41082",
"CSCwi43001",
"CSCwi42996"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
}
]
}

1156
2024/20xxx/CVE-2024-20358.json
View File

File diff suppressed because it is too large Load Diff

91
2024/32xxx/CVE-2024-32876.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32876",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in Arbitrary Code Execution. This is because backups are serialized/deserialized using Java's Object Serialization Stream Protocol, which can allow constructing any class in the app, unless properly restricted.\n\nTo exploit this vulnerability, an attacker would need to build a backup file containing the exploit, and then persuade a user into importing it. During the import process, the malicious code would be executed, possibly crashing the app, stealing user data from the NewPipe app, performing nasty actions through Android APIs, and attempting Android JVM/Sandbox escapes through vulnerabilities in the Android OS.\n\nThe attack can take place only if the user imports a malicious backup file, so an attacker would need to trick a user into importing a backup file from a source they can control. The implementation details of the malicious backup file can be independent of the attacked user or the device they are being run on, and do not require additional privileges.\n\nAll NewPipe versions from 0.13.4 to 0.26.1 are vulnerable. NewPipe version 0.27.0 fixes the issue by doing the following: Restrict the classes that can be deserialized when calling Java's Object Serialization Stream Protocol, by adding a whitelist with only innocuous data-only classes that can't lead to Arbitrary Code Execution; deprecate backups serialized with Java's Object Serialization Stream Protocol; use JSON serialization for all newly created backups (but still include an alternative file serialized with Java's Object Serialization Stream Protocol in the backup zip for backwards compatibility); show a warning to the user when attempting to import a backup where the only available serialization mode is Java's Object Serialization Stream Protocol (note that in the future this serialization mode will be removed completely).\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data",
"cweId": "CWE-502"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TeamNewPipe",
"product": {
"product_data": [
{
"product_name": "NewPipe",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.13.4, < 0.27.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/TeamNewPipe/NewPipe/security/advisories/GHSA-wxrm-jhpf-vp6v",
"refsource": "MISC",
"name": "https://github.com/TeamNewPipe/NewPipe/security/advisories/GHSA-wxrm-jhpf-vp6v"
},
{
"url": "https://github.com/TeamNewPipe/NewPipe/commit/a69bbab73220f36e53c801cf7e9ea3627bb017eb",
"refsource": "MISC",
"name": "https://github.com/TeamNewPipe/NewPipe/commit/a69bbab73220f36e53c801cf7e9ea3627bb017eb"
},
{
"url": "https://docs.oracle.com/javase/6/docs/platform/serialization/spec/protocol.html",
"refsource": "MISC",
"name": "https://docs.oracle.com/javase/6/docs/platform/serialization/spec/protocol.html"
},
{
"url": "https://github.com/TeamNewPipe/NewPipe/releases/tag/v0.27.0",
"refsource": "MISC",
"name": "https://github.com/TeamNewPipe/NewPipe/releases/tag/v0.27.0"
}
]
},
"source": {
"advisory": "GHSA-wxrm-jhpf-vp6v",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
]
}

95
2024/32xxx/CVE-2024-32879.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32879",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-178: Improper Handling of Case Sensitivity",
"cweId": "CWE-178"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-303: Incorrect Implementation of Authentication Algorithm",
"cweId": "CWE-303"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "python-social-auth",
"product": {
"product_data": [
{
"product_name": "social-app-django",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 5.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3",
"refsource": "MISC",
"name": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3"
},
{
"url": "https://github.com/python-social-auth/social-app-django/pull/566",
"refsource": "MISC",
"name": "https://github.com/python-social-auth/social-app-django/pull/566"
},
{
"url": "https://github.com/python-social-auth/social-app-django/commit/31c3e0c7edb187004d8abbde7e9c4f7ef9098138",
"refsource": "MISC",
"name": "https://github.com/python-social-auth/social-app-django/commit/31c3e0c7edb187004d8abbde7e9c4f7ef9098138"
}
]
},
"source": {
"advisory": "GHSA-2gr8-3wc7-xhj3",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

100
2024/4xxx/CVE-2024-4126.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4126",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. This issue affects the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument manualTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261869 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in Tenda W15E 15.11.0.14 gefunden. Hierbei geht es um die Funktion formSetSysTime der Datei /goform/SetSysTimeCfg. Durch die Manipulation des Arguments manualTime mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tenda",
"product": {
"product_data": [
{
"product_name": "W15E",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "15.11.0.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.261869",
"refsource": "MISC",
"name": "https://vuldb.com/?id.261869"
},
{
"url": "https://vuldb.com/?ctiid.261869",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.261869"
},
{
"url": "https://vuldb.com/?submit.317831",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.317831"
},
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formSetSysTime.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formSetSysTime.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "wxhwxhwxh_mie (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
}
]
}

100
2024/4xxx/CVE-2024-4127.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4127",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. Affected is the function guestWifiRuleRefresh. The manipulation of the argument qosGuestDownstream leads to stack-based buffer overflow. It is possible to launch the attack remotely. VDB-261870 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in Tenda W15E 15.11.0.14 ausgemacht. Es betrifft die Funktion guestWifiRuleRefresh. Durch Manipulation des Arguments qosGuestDownstream mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tenda",
"product": {
"product_data": [
{
"product_name": "W15E",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "15.11.0.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.261870",
"refsource": "MISC",
"name": "https://vuldb.com/?id.261870"
},
{
"url": "https://vuldb.com/?ctiid.261870",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.261870"
},
{
"url": "https://vuldb.com/?submit.317832",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.317832"
},
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/guestWifiRuleRefresh.md",
"refsource": "MISC",
"name": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/guestWifiRuleRefresh.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "wxhwxhwxh_mie (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
}
]
}

18
2024/4xxx/CVE-2024-4143.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}