From 1decfbd545ed14d37efd13255db1031fe0c20e1c Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Tue, 12 Nov 2024 09:37:51 +0000 Subject: [PATCH] more updates 2024-11-12 Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-10917.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32928.json | 2 +- data/anchore/2024/CVE-2024-38755.json | 2 +- data/anchore/2024/CVE-2024-39354.json | 38 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-39605.json | 38 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-47131.json | 38 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-49283.json | 2 +- data/anchore/2024/CVE-2024-49297.json | 2 +- data/anchore/2024/CVE-2024-51484.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51485.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51486.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51487.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51488.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51489.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51490.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51747.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51748.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-51791.json | 41 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-51992.json | 38 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-52286.json | 38 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-52355.json | 42 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-9613.json | 2 +- 22 files changed, 650 insertions(+), 5 deletions(-) create mode 100644 data/anchore/2024/CVE-2024-10917.json create mode 100644 data/anchore/2024/CVE-2024-39354.json create mode 100644 data/anchore/2024/CVE-2024-39605.json create mode 100644 data/anchore/2024/CVE-2024-47131.json create mode 100644 data/anchore/2024/CVE-2024-51484.json create mode 100644 data/anchore/2024/CVE-2024-51485.json create mode 100644 data/anchore/2024/CVE-2024-51486.json create mode 100644 data/anchore/2024/CVE-2024-51487.json create mode 100644 data/anchore/2024/CVE-2024-51488.json create mode 100644 data/anchore/2024/CVE-2024-51489.json create mode 100644 data/anchore/2024/CVE-2024-51490.json create mode 100644 data/anchore/2024/CVE-2024-51747.json create mode 100644 data/anchore/2024/CVE-2024-51748.json create mode 100644 data/anchore/2024/CVE-2024-51791.json create mode 100644 data/anchore/2024/CVE-2024-51992.json create mode 100644 data/anchore/2024/CVE-2024-52286.json create mode 100644 data/anchore/2024/CVE-2024-52355.json diff --git a/data/anchore/2024/CVE-2024-10917.json b/data/anchore/2024/CVE-2024-10917.json new file mode 100644 index 00000000..e0ed7bed --- /dev/null +++ b/data/anchore/2024/CVE-2024-10917.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "eclipse", + "cveId": "CVE-2024-10917", + "description": "In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/eclipse-openj9/openj9/pull/20362", + "https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0", + "https://gitlab.eclipse.org/security/cve-assignement/-/issues/47" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*" + ], + "packageName": "eclipse-openj9/openj9", + "product": "Open J9", + "repo": "https://github.com/eclipse-openj9/openj9", + "vendor": "Eclipse Foundation", + "versions": [ + { + "lessThan": "0.48.0", + "status": "affected", + "version": "0.8.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32928.json b/data/anchore/2024/CVE-2024-32928.json index 6dfbcb2e..706590e1 100644 --- a/data/anchore/2024/CVE-2024-32928.json +++ b/data/anchore/2024/CVE-2024-32928.json @@ -19,8 +19,8 @@ "versions": [ { "lessThan": "3.73", - "version": "0", "status": "affected", + "version": "0", "versionType": "custom" } ] diff --git a/data/anchore/2024/CVE-2024-38755.json b/data/anchore/2024/CVE-2024-38755.json index 244488a0..68a7f4ef 100644 --- a/data/anchore/2024/CVE-2024-38755.json +++ b/data/anchore/2024/CVE-2024-38755.json @@ -22,7 +22,7 @@ "vendor": "Designinvento", "versions": [ { - "lessThanOrEqual": "3.6.10", + "lessThan": "3.6.11", "status": "affected", "version": "0", "versionType": "custom" diff --git a/data/anchore/2024/CVE-2024-39354.json b/data/anchore/2024/CVE-2024-39354.json new file mode 100644 index 00000000..3518ab9f --- /dev/null +++ b/data/anchore/2024/CVE-2024-39354.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "icscert", + "cveId": "CVE-2024-39354", + "description": "If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02", + "https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ], + "solutions": [ + "Delta Electronics has released v1.5.0 of DIAScreen (login required) https://diastudio.deltaww.com/home/downloads  and recommends users install this update on all affected systems.\n\nFor more information, please see the Delta product cybersecurity advisory for these issues. https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:deltaww:diascreen:*:*:*:*:*:*:*:*" + ], + "product": "DIAScreen", + "vendor": "Delta Electronics", + "versions": [ + { + "lessThan": "1.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-39605.json b/data/anchore/2024/CVE-2024-39605.json new file mode 100644 index 00000000..c94f652e --- /dev/null +++ b/data/anchore/2024/CVE-2024-39605.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "icscert", + "cveId": "CVE-2024-39605", + "description": "If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02", + "https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ], + "solutions": [ + "Delta Electronics has released v1.5.0 of DIAScreen (login required) https://diastudio.deltaww.com/home/downloads  and recommends users install this update on all affected systems.\n\nFor more information, please see the Delta product cybersecurity advisory for these issues. https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:deltaww:diascreen:*:*:*:*:*:*:*:*" + ], + "product": "DIAScreen", + "vendor": "Delta Electronics", + "versions": [ + { + "lessThan": "1.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-47131.json b/data/anchore/2024/CVE-2024-47131.json new file mode 100644 index 00000000..32970b54 --- /dev/null +++ b/data/anchore/2024/CVE-2024-47131.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "icscert", + "cveId": "CVE-2024-47131", + "description": "If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02", + "https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ], + "solutions": [ + "Delta Electronics has released v1.5.0 of DIAScreen (login required) https://diastudio.deltaww.com/home/downloads  and recommends users install this update on all affected systems.\n\nFor more information, please see the Delta product cybersecurity advisory for these issues. https://www.deltaww.com/en-US/Cybersecurity_Advisory" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:deltaww:diascreen:*:*:*:*:*:*:*:*" + ], + "product": "DIAScreen", + "vendor": "Delta Electronics", + "versions": [ + { + "lessThan": "1.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-49283.json b/data/anchore/2024/CVE-2024-49283.json index 957f72d2..a7706480 100644 --- a/data/anchore/2024/CVE-2024-49283.json +++ b/data/anchore/2024/CVE-2024-49283.json @@ -22,7 +22,7 @@ "vendor": "VillaTheme", "versions": [ { - "lessThanOrEqual": "2.2.3", + "lessThan": "2.2.4", "status": "affected", "version": "0", "versionType": "custom" diff --git a/data/anchore/2024/CVE-2024-49297.json b/data/anchore/2024/CVE-2024-49297.json index 12233a56..bb4486da 100644 --- a/data/anchore/2024/CVE-2024-49297.json +++ b/data/anchore/2024/CVE-2024-49297.json @@ -23,7 +23,7 @@ "vendor": "Zoho CRM", "versions": [ { - "lessThanOrEqual": "1.7.9.0", + "lessThan": "1.7.9.8", "status": "affected", "version": "0", "versionType": "custom" diff --git a/data/anchore/2024/CVE-2024-51484.json b/data/anchore/2024/CVE-2024-51484.json new file mode 100644 index 00000000..942fe535 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51484.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51484", + "description": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating controllers. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-h6vj-6rvc-3x29" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51485.json b/data/anchore/2024/CVE-2024-51485.json new file mode 100644 index 00000000..6b4eb259 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51485.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51485", + "description": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-xvfj-w962-hqcx" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51486.json b/data/anchore/2024/CVE-2024-51486.json new file mode 100644 index 00000000..baa21045 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51486.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51486", + "description": "Ampache is a web based audio/video streaming application and file manager. The vulnerability exists in the interface section of the Ampache menu, where users can change the \"Custom URL - Favicon\". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-4xw5-f7xm-vpw5" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51487.json b/data/anchore/2024/CVE-2024-51487.json new file mode 100644 index 00000000..14a92d37 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51487.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51487", + "description": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-5rmx-fjmc-mg6x" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51488.json b/data/anchore/2024/CVE-2024-51488.json new file mode 100644 index 00000000..8b38ff06 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51488.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51488", + "description": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to delete messages to any user, including administrators, if they interact with a malicious request. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-46m4-5pxj-66f2" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51489.json b/data/anchore/2024/CVE-2024-51489.json new file mode 100644 index 00000000..348ff8a7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51489.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51489", + "description": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to send messages to any user, including administrators, if they interact with a malicious request. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-4q69-983r-mwwr" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51490.json b/data/anchore/2024/CVE-2024-51490.json new file mode 100644 index 00000000..9a21f3ec --- /dev/null +++ b/data/anchore/2024/CVE-2024-51490.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51490", + "description": "Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change \"Custom URL - Logo\". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ampache/ampache/security/advisories/GHSA-x979-f6px-7j2w" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*" + ], + "packageName": "ampache/ampache", + "product": "ampache", + "repo": "https://github.com/ampache/ampache", + "vendor": "ampache", + "versions": [ + { + "lessThan": "7.0.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51747.json b/data/anchore/2024/CVE-2024-51747.json new file mode 100644 index 00000000..1973a33c --- /dev/null +++ b/data/anchore/2024/CVE-2024-51747.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51747", + "description": "Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewable or downloadable in Kanboard are resolved through its `path` entry in the `project_has_files` SQLite db. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, can set arbitrary file links, by abusing path traversals. Once the modified db is uploaded and the project page is accessed, a file download can be triggered and all files, readable in the context of the Kanboard application permissions, can be downloaded. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/kanboard/kanboard/security/advisories/GHSA-78pf-vg56-5p8v" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*" + ], + "packageName": "kanboard/kanboard", + "product": "kanboard", + "repo": "https://github.com/kanboard/kanboard", + "vendor": "kanboard", + "versions": [ + { + "lessThan": "1.2.42", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51748.json b/data/anchore/2024/CVE-2024-51748.json new file mode 100644 index 00000000..ec97b2f1 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51748.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51748", + "description": "Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can run arbitrary php code on the server in combination with a file write possibility. The user interface language is determined and loaded by the setting `application_language` in the `settings` table. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, has control over the filepath, which is loaded. Exploiting this vulnerability has one constraint: the attacker must be able to place a file (called translations.php) on the system. However, this is not impossible, think of anonymous FTP server or another application that allows uploading files. Once the attacker has placed its file with the actual php code as the payload, the attacker can craft a sqlite db settings, which uses path traversal to point to the directory, where the `translations.php` file is stored. Then gaining code execution after importing the crafted sqlite.db. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/kanboard/kanboard/security/advisories/GHSA-jvff-x577-j95p" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*" + ], + "packageName": "kanboard/kanboard", + "product": "kanboard", + "repo": "https://github.com/kanboard/kanboard", + "vendor": "kanboard", + "versions": [ + { + "lessThan": "1.2.42", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51791.json b/data/anchore/2024/CVE-2024-51791.json new file mode 100644 index 00000000..d6724a29 --- /dev/null +++ b/data/anchore/2024/CVE-2024-51791.json @@ -0,0 +1,41 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-51791", + "description": "Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through 2.8.0.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/forms-by-made-it/wordpress-forms-plugin-2-8-0-arbitrary-file-upload-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.8.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:madeit:forms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "forms-by-made-it", + "packageType": "wordpress-plugin", + "product": "Forms", + "repo": "https://plugins.svn.wordpress.org/forms-by-made-it", + "vendor": "Made I.T.", + "versions": [ + { + "lessThan": "2.8.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-51992.json b/data/anchore/2024/CVE-2024-51992.json new file mode 100644 index 00000000..77e11cfb --- /dev/null +++ b/data/anchore/2024/CVE-2024-51992.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-51992", + "description": "Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform version 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within the `Screen` class, leading to potential brute force of database tables, validation checks against user credentials, and disclosure of the server’s real IP address. The issue has been patched in the latest release, version 14.43.0, released on November 6, 2024. Users should upgrade to version 14.43.0 or later to address this vulnerability. If upgrading to version 14.43.0 is not immediately possible, users can mitigate the vulnerability by implementing middleware to intercept and validate requests to asynchronous modal endpoints, allowing only approved methods and parameters.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/orchidsoftware/platform/security/advisories/GHSA-cm46-gqf4-mv4f" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://packagist.org", + "cpes": [ + "cpe:2.3:a:orchid:platform:*:*:*:*:*:*:*:*" + ], + "packageName": "orchid/platform", + "packageType": "php-composer", + "product": "platform", + "repo": "https://github.com/orchidsoftware/platform", + "vendor": "orchidsoftware", + "versions": [ + { + "lessThan": "14.43.0", + "status": "affected", + "version": "8.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-52286.json b/data/anchore/2024/CVE-2024-52286.json new file mode 100644 index 00000000..7821c234 --- /dev/null +++ b/data/anchore/2024/CVE-2024-52286.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-52286", + "description": "Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In affected versions the Merge functionality takes untrusted user input (file name) and uses it directly in the creation of HTML pages allowing any unauthenticated to execute JavaScript code in the context of the user. The issue stems to the code starting at `Line 24` in `src/main/resources/static/js/merge.js`. The file name is directly being input into InnerHTML with no sanitization on the file name, allowing a malicious user to be able to upload files with names containing HTML tags. As HTML tags can include JavaScript code, this can be used to execute JavaScript code in the context of the user. This is a self-injection style attack and relies on a user uploading the malicious file themselves and it impact only them, not other users. A user might be social engineered into running this to launch a phishing attack. Nevertheless, this breaks the expected security restrictions in place by the application. This issue has been addressed in version 0.32.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/Stirling-Tools/Stirling-PDF/commit/404e31468ec98413f1906cc7ee3d49091638c693", + "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-9j55-gvf2-cqwv" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:stirlingpdf:stirling_pdf:*:*:*:*:*:*:*:*" + ], + "packageName": "stirling-tools/stirling-pdf", + "product": "Stirling-PDF", + "repo": "https://github.com/stirling-tools/stirling-pdf", + "vendor": "Stirling-Tools", + "versions": [ + { + "lessThan": "0.32.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-52355.json b/data/anchore/2024/CVE-2024-52355.json new file mode 100644 index 00000000..62dac4e7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-52355.json @@ -0,0 +1,42 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-52355", + "description": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hyumika OSM – OpenStreetMap allows Stored XSS.This issue affects OSM – OpenStreetMap: from n/a through 6.1.2.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/osm/wordpress-osm-openstreetmap-plugin-6-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 6.1.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:hyumika:openstreetmap:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:openstreetmap:openstreetmap:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "osm", + "packageType": "wordpress-plugin", + "product": "OSM – OpenStreetMap", + "repo": "https://plugins.svn.wordpress.org/osm", + "vendor": "Hyumika", + "versions": [ + { + "lessThan": "6.1.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-9613.json b/data/anchore/2024/CVE-2024-9613.json index 2c1909c3..1076893c 100644 --- a/data/anchore/2024/CVE-2024-9613.json +++ b/data/anchore/2024/CVE-2024-9613.json @@ -22,7 +22,7 @@ "vendor": "manidoraisamy", "versions": [ { - "lessThanOrEqual": "1.3.6", + "lessThan": "1.3.7", "status": "affected", "version": "0", "versionType": "semver"