Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2024/10/GHSA-25xc-32vr-fm66/GHSA-25xc-32vr-fm66.json

@@ -0,0 +1,46 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-25xc-32vr-fm66",
+  "modified": "2024-10-25T09:32:00Z",
+  "published": "2024-10-25T09:32:00Z",
+  "aliases": [
+    "CVE-2024-42420"
+  ],
+  "details": "Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages.\nCrafted HTTP requests may cause affected products crashed.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42420"
+    },
+    {
+      "type": "WEB",
+      "url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/vu/JVNVU95063136"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.toshibatec.com/information/20241025_01.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-125"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T07:15:03Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-29pv-3whx-cqwv/GHSA-29pv-3whx-cqwv.json

@@ -0,0 +1,46 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-29pv-3whx-cqwv",
+  "modified": "2024-10-25T09:32:00Z",
+  "published": "2024-10-25T09:32:00Z",
+  "aliases": [
+    "CVE-2024-47005"
+  ],
+  "details": "Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted.\nA non-administrative user may execute some configuration APIs.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47005"
+    },
+    {
+      "type": "WEB",
+      "url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/vu/JVNVU95063136"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.toshibatec.com/information/20241025_01.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-749"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T07:15:04Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-2hf2-hwp9-xcfg/GHSA-2hf2-hwp9-xcfg.json

@@ -0,0 +1,42 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2hf2-hwp9-xcfg",
+  "modified": "2024-10-25T09:32:01Z",
+  "published": "2024-10-25T09:32:01Z",
+  "aliases": [
+    "CVE-2024-10343"
+  ],
+  "details": "The Beek Widget Extention plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 0.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10343"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/beek-widget-extention/trunk/inc/call-to-action.php?rev=1249743#L135"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4afc8de7-0d7e-4dee-972e-3eb707cd7b2b?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T09:15:04Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-2m59-x3qc-r6mm/GHSA-2m59-x3qc-r6mm.json

@@ -0,0 +1,50 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2m59-x3qc-r6mm",
+  "modified": "2024-10-25T09:32:00Z",
+  "published": "2024-10-25T09:32:00Z",
+  "aliases": [
+    "CVE-2024-9302"
+  ],
+  "details": "The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verify_otp_forgot_password() and update_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9302"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/app-builder/tags/5.3.1/includes/Di/Service/Auth/ForgotPassword.php#L196"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/app-builder/tags/5.3.1/includes/Di/Service/Auth/ForgotPassword.php#L247"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3161215"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0eb9d676-4fa0-4bdc-af44-5d7e1dd8c6e6?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-640"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T07:15:05Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-2wm3-7hxf-9q6x/GHSA-2wm3-7hxf-9q6x.json

@@ -0,0 +1,42 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2wm3-7hxf-9q6x",
+  "modified": "2024-10-25T09:32:01Z",
+  "published": "2024-10-25T09:32:01Z",
+  "aliases": [
+    "CVE-2024-8666"
+  ],
+  "details": "The Shoutcast Icecast HTML5 Radio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'html5radio' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8666"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/shoutcast-icecast-html5-radio-player/trunk/shoutcast-icecast-html5-radio-player.php#L379"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e870ae2-abae-457a-b3d1-75a96ec09d41?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T09:15:07Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-44fh-qw29-wqf9/GHSA-44fh-qw29-wqf9.json

@@ -0,0 +1,35 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-44fh-qw29-wqf9",
+  "modified": "2024-10-25T09:32:00Z",
+  "published": "2024-10-25T09:32:00Z",
+  "aliases": [
+    "CVE-2024-50583"
+  ],
+  "details": "Whale browser Installer before 3.1.0.0 allows an attacker to execute a malicious DLL in the user environment due to improper permission settings.",
+  "severity": [
+
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50583"
+    },
+    {
+      "type": "WEB",
+      "url": "https://cve.naver.com/detail/cve-2024-50583.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-427"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T07:15:05Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-66xj-xxx9-cjw3/GHSA-66xj-xxx9-cjw3.json

@@ -0,0 +1,42 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-66xj-xxx9-cjw3",
+  "modified": "2024-10-25T09:32:01Z",
+  "published": "2024-10-25T09:32:01Z",
+  "aliases": [
+    "CVE-2024-10341"
+  ],
+  "details": "The League of Legends Shortcodes plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10341"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/league-of-legends-shortcodes/trunk/lol-shortcodes.php?rev=934346#L101"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ddafad-9214-4d32-9fc3-3f3c759633ad?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T08:15:02Z"
+  }
+}

advisories/unreviewed/2024/10/GHSA-7r72-cjgv-xhq6/GHSA-7r72-cjgv-xhq6.json

@@ -0,0 +1,46 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7r72-cjgv-xhq6",
+  "modified": "2024-10-25T09:32:00Z",
+  "published": "2024-10-25T09:32:00Z",
+  "aliases": [
+    "CVE-2024-48870"
+  ],
+  "details": "Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability.\nIf crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48870"
+    },
+    {
+      "type": "WEB",
+      "url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/vu/JVNVU95063136"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.toshibatec.com/information/20241025_01.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-10-25T07:15:04Z"
+  }
+}