Skip to content

Commit

Permalink
Auto-Update: 2024-01-13T21:00:24.847988+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
cad-safe-bot committed Jan 13, 2024
1 parent 34a717a commit 9f4a158
Show file tree
Hide file tree
Showing 7 changed files with 378 additions and 22 deletions.
12 changes: 10 additions & 2 deletions CVE-2022/CVE-2022-46xx/CVE-2022-4603.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,16 @@
"id": "CVE-2022-4603",
"sourceIdentifier": "[email protected]",
"published": "2022-12-18T11:15:11.077",
"lastModified": "2023-12-20T19:14:03.717",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-13T20:15:44.760",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en ppp y clasificada como problem\u00e1tica. La funci\u00f3n dumpppp del archivo pppdump/pppdump.c del componente pppdump es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento spkt.buf/rpkt.buf conduce a una validaci\u00f3n incorrecta del \u00edndice de la matriz. Por el momento todav\u00eda se duda de la existencia real de esta vulnerabilidad. El nombre del parche es a75fb7b198eed50d769c80c36629f38346882cbf. Se recomienda aplicar un parche para solucionar este problema. VDB-216198 es el identificador asignado a esta vulnerabilidad. NOTA: pppdump no se utiliza en el proceso normal de configuraci\u00f3n de una conexi\u00f3n PPP, no se instala con setuid-root y no se invoca autom\u00e1ticamente en ning\u00fan escenario."
}
],
"metrics": {
Expand Down Expand Up @@ -109,6 +113,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J43NP7ABHOCIWOFHWCH6ZCZOYKZH6723/",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?id.216198",
"source": "[email protected]",
Expand Down
6 changes: 5 additions & 1 deletion CVE-2024/CVE-2024-03xx/CVE-2024-0333.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2024-0333",
"sourceIdentifier": "[email protected]",
"published": "2024-01-10T22:15:50.907",
"lastModified": "2024-01-11T13:57:26.160",
"lastModified": "2024-01-13T20:15:45.073",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
Expand All @@ -24,6 +24,10 @@
"url": "https://crbug.com/1513379",
"source": "[email protected]"
},
{
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4BXC7FJIAZRY3P72XC4Z4UOW2QDA7YX7/",
"source": "[email protected]"
},
{
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B/",
"source": "[email protected]"
Expand Down
88 changes: 88 additions & 0 deletions CVE-2024/CVE-2024-04xx/CVE-2024-0499.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
{
"id": "CVE-2024-0499",
"sourceIdentifier": "[email protected]",
"published": "2024-01-13T19:15:08.273",
"lastModified": "2024-01-13T19:15:08.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester House Rental Management System 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250607."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1DTGd_IWdS_tMOQN0Pt1-MeZ4Yv3tXiRt/view?usp=sharing",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?ctiid.250607",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?id.250607",
"source": "[email protected]"
}
]
}
88 changes: 88 additions & 0 deletions CVE-2024/CVE-2024-05xx/CVE-2024-0500.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
{
"id": "CVE-2024-0500",
"sourceIdentifier": "[email protected]",
"published": "2024-01-13T19:15:08.580",
"lastModified": "2024-01-13T19:15:08.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in SourceCodester House Rental Management System 1.0. Affected is an unknown function of the component Manage Tenant Details. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250608."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1z30nTAfoX58NqwIMXyHb3LB6Pv2bEm5v/view?usp=sharing",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?ctiid.250608",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?id.250608",
"source": "[email protected]"
}
]
}
88 changes: 88 additions & 0 deletions CVE-2024/CVE-2024-05xx/CVE-2024-0501.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
{
"id": "CVE-2024-0501",
"sourceIdentifier": "[email protected]",
"published": "2024-01-13T20:15:45.137",
"lastModified": "2024-01-13T20:15:45.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Manage Invoice Details. The manipulation of the argument Invoice leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250609 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1xEenTDcXwNYdOxY8kdQ142nRnbcHrTRv/view?usp=sharing",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?ctiid.250609",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?id.250609",
"source": "[email protected]"
}
]
}
Loading

0 comments on commit 9f4a158

Please sign in to comment.