chore: generate CVEs metadata 🤖
ghost
parent
02b5c93a5a
commit
b651f9631d
10
cves.json
10
cves.json
|
|
@ -2667,3 +2667,13 @@
|
|||
{"ID":"CVE-2022-24706","Info":{"Name":"CouchDB Erlang Distribution - Remote Command Execution","Severity":"critical","Description":"In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2022/CVE-2022-24706.yaml"}
|
||||
{"ID":"CVE-2022-31793","Info":{"Name":"muhttpd \u003c=1.1.5 - Local Inclusion","Severity":"high","Description":"muhttpd 1.1.5 and before are vulnerable to unauthenticated local file inclusion. The vulnerability allows retrieval of files from the file system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2022/CVE-2022-31793.yaml"}
|
||||
{"ID":"CVE-2023-33246","Info":{"Name":"RocketMQ \u003c= 5.1.0 - Remote Code Execution","Severity":"critical","Description":"For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2023/CVE-2023-33246.yaml"}
|
||||
{"ID":"CVE-2012-2122","Info":{"Name":"MySQL - Authentication Bypass","Severity":"medium","Description":"sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.\n","Classification":{"CVSSScore":"5.1"}},"file_path":"javascript/cves/2012/CVE-2012-2122.yaml"}
|
||||
{"ID":"CVE-2016-8706","Info":{"Name":"Memcached Server SASL Authentication - Remote Code Execution","Severity":"high","Description":"An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"javascript/cves/2016/CVE-2016-8706.yaml"}
|
||||
{"ID":"CVE-2019-9193","Info":{"Name":"PostgreSQL 9.3-12.3 Authenticated Remote Code Execution","Severity":"high","Description":"In PostgreSQL 9.3 through 11.2, the \"COPY TO/FROM PROGRAM\" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"javascript/cves/2019/CVE-2019-9193.yaml"}
|
||||
{"ID":"CVE-2020-7247","Info":{"Name":"OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution","Severity":"critical","Description":"OpenSMTPD versions 6.4.0 - 6.6.1 are susceptible to remote code execution. smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the \"uncommented\" default configuration. The issue exists because of an incorrect return value upon failure of input validation.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2020/CVE-2020-7247.yaml"}
|
||||
{"ID":"CVE-2023-34039","Info":{"Name":"VMWare Aria Operations - Remote Code Execution","Severity":"critical","Description":"VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)\nVersion: All versions from 6.0 to 6.10\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2023/CVE-2023-34039.yaml"}
|
||||
{"ID":"CVE-2023-46604","Info":{"Name":"Apache ActiveMQ - Remote Code Execution","Severity":"critical","Description":"Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.\nUsers are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2023/CVE-2023-46604.yaml"}
|
||||
{"ID":"CVE-2023-48795","Info":{"Name":"OpenSSH Terrapin Attack - Detection","Severity":"medium","Description":"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\n","Classification":{"CVSSScore":"5.9"}},"file_path":"javascript/cves/2023/CVE-2023-48795.yaml"}
|
||||
{"ID":"CVE-2024-23897","Info":{"Name":"Jenkins \u003c 2.441 - Arbitrary File Read","Severity":"high","Description":"Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"javascript/cves/2024/CVE-2024-23897.yaml"}
|
||||
{"ID":"CVE-2024-45519","Info":{"Name":"Zimbra Collaboration Suite \u003c 9.0.0 - Remote Code Execution","Severity":"critical","Description":"SMTP-based vulnerability in the PostJournal service of Zimbra Collaboration Suite that allows unauthenticated attackers to inject arbitrary commands. This vulnerability arises due to improper sanitization of SMTP input, enabling attackers to craft malicious SMTP messages that execute commands under the Zimbra user context. Successful exploitation can lead to unauthorized access, privilege escalation, and potential compromise of the affected system's integrity and confidentiality.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"javascript/cves/2024/CVE-2024-45519.yaml"}
|
||||
{"ID":"CVE-2024-47176","Info":{"Name":"CUPS - Remote Code Execution","Severity":"high","Description":"CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDR_ANY-631, causing it to trust any packet from any source, and can cause the Get-Printer-Attributes IPP request to an attacker controlled URL.\nDue to the service binding to *-631 ( INADDR_ANY ), multiple bugs in cups-browsed can be exploited in sequence to introduce a malicious printer to the system. This chain of exploits ultimately enables an attacker to execute arbitrary commands remotely on the target machine without authentication when a print job is started. This poses a significant security risk over the network. Notably, this vulnerability is particularly concerning as it can be exploited from the public internet, potentially exposing a vast number of systems to remote attacks if their CUPS services are enabled.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"javascript/cves/2024/CVE-2024-47176.yaml"}
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
9fdcb1611dcf902e13886220ca1937be
|
||||
d801eace49a106d3fc73a0b68e3a8717
|
||||
|
|
|
|||
Loading…
Reference in New Issue