From 07821ff9448a8d8ce14336f84543eceeb00a5811 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 10 Jun 2024 17:01:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2000/0xxx/CVE-2000-0476.json | 5 -- 2023/31xxx/CVE-2023-31130.json | 5 ++ 2023/38xxx/CVE-2023-38729.json | 5 ++ 2023/42xxx/CVE-2023-42861.json | 5 -- 2023/45xxx/CVE-2023-45681.json | 10 --- 2023/47xxx/CVE-2023-47212.json | 10 --- 2023/6xxx/CVE-2023-6237.json | 5 ++ 2023/6xxx/CVE-2023-6597.json | 5 ++ 2024/0xxx/CVE-2024-0450.json | 5 ++ 2024/1xxx/CVE-2024-1874.json | 5 -- 2024/21xxx/CVE-2024-21683.json | 6 +- 2024/21xxx/CVE-2024-21785.json | 5 ++ 2024/21xxx/CVE-2024-21823.json | 5 ++ 2024/23xxx/CVE-2024-23296.json | 10 --- 2024/23xxx/CVE-2024-23450.json | 5 ++ 2024/23xxx/CVE-2024-23601.json | 5 ++ 2024/24xxx/CVE-2024-24583.json | 5 ++ 2024/24xxx/CVE-2024-24584.json | 5 ++ 2024/24xxx/CVE-2024-24788.json | 5 ++ 2024/24xxx/CVE-2024-24806.json | 5 ++ 2024/24xxx/CVE-2024-24989.json | 5 ++ 2024/24xxx/CVE-2024-24990.json | 5 ++ 2024/25xxx/CVE-2024-25642.json | 5 ++ 2024/26xxx/CVE-2024-26144.json | 5 ++ 2024/26xxx/CVE-2024-26629.json | 5 ++ 2024/27xxx/CVE-2024-27254.json | 5 ++ 2024/27xxx/CVE-2024-27398.json | 5 ++ 2024/27xxx/CVE-2024-27399.json | 5 ++ 2024/27xxx/CVE-2024-27400.json | 5 ++ 2024/27xxx/CVE-2024-27401.json | 5 ++ 2024/27xxx/CVE-2024-27789.json | 15 ----- 2024/27xxx/CVE-2024-27804.json | 15 ----- 2024/27xxx/CVE-2024-27810.json | 15 ----- 2024/27xxx/CVE-2024-27816.json | 15 ----- 2024/27xxx/CVE-2024-27834.json | 10 --- 2024/27xxx/CVE-2024-27983.json | 5 ++ 2024/28xxx/CVE-2024-28834.json | 5 ++ 2024/2xxx/CVE-2024-2660.json | 5 ++ 2024/2xxx/CVE-2024-2757.json | 5 ++ 2024/31xxx/CVE-2024-31079.json | 5 ++ 2024/31xxx/CVE-2024-31611.json | 56 ++++++++++++++-- 2024/32xxx/CVE-2024-32760.json | 5 ++ 2024/33xxx/CVE-2024-33655.json | 5 ++ 2024/34xxx/CVE-2024-34064.json | 5 -- 2024/34xxx/CVE-2024-34161.json | 5 ++ 2024/34xxx/CVE-2024-34397.json | 5 ++ 2024/34xxx/CVE-2024-34459.json | 5 ++ 2024/35xxx/CVE-2024-35200.json | 5 ++ 2024/35xxx/CVE-2024-35728.json | 113 +++++++++++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35743.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35744.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35745.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35746.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35747.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35749.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35754.json | 85 +++++++++++++++++++++++-- 2024/35xxx/CVE-2024-35844.json | 5 ++ 2024/35xxx/CVE-2024-35867.json | 5 ++ 2024/35xxx/CVE-2024-35904.json | 5 ++ 2024/35xxx/CVE-2024-35947.json | 5 ++ 2024/35xxx/CVE-2024-35949.json | 5 ++ 2024/35xxx/CVE-2024-35951.json | 5 ++ 2024/35xxx/CVE-2024-35971.json | 5 ++ 2024/36xxx/CVE-2024-36009.json | 5 ++ 2024/36xxx/CVE-2024-36013.json | 5 ++ 2024/36xxx/CVE-2024-36048.json | 10 --- 2024/36xxx/CVE-2024-36407.json | 80 +++++++++++++++++++++-- 2024/36xxx/CVE-2024-36408.json | 80 +++++++++++++++++++++-- 2024/37xxx/CVE-2024-37535.json | 5 -- 2024/3xxx/CVE-2024-3850.json | 99 +++++++++++++++++++++++++++-- 2024/4xxx/CVE-2024-4367.json | 5 ++ 2024/4xxx/CVE-2024-4603.json | 5 ++ 2024/4xxx/CVE-2024-4767.json | 5 ++ 2024/4xxx/CVE-2024-4768.json | 5 ++ 2024/4xxx/CVE-2024-4769.json | 5 ++ 2024/4xxx/CVE-2024-4770.json | 5 ++ 2024/4xxx/CVE-2024-4777.json | 5 ++ 2024/5xxx/CVE-2024-5102.json | 68 ++++++++++++++++++-- 2024/5xxx/CVE-2024-5493.json | 5 -- 2024/5xxx/CVE-2024-5494.json | 5 -- 2024/5xxx/CVE-2024-5495.json | 5 -- 2024/5xxx/CVE-2024-5496.json | 5 -- 2024/5xxx/CVE-2024-5497.json | 5 -- 2024/5xxx/CVE-2024-5498.json | 5 -- 2024/5xxx/CVE-2024-5499.json | 5 -- 2024/5xxx/CVE-2024-5597.json | 99 +++++++++++++++++++++++++++-- 2024/5xxx/CVE-2024-5800.json | 18 ++++++ 2024/5xxx/CVE-2024-5801.json | 18 ++++++ 2024/5xxx/CVE-2024-5802.json | 18 ++++++ 2024/5xxx/CVE-2024-5803.json | 18 ++++++ 2024/5xxx/CVE-2024-5804.json | 18 ++++++ 2024/5xxx/CVE-2024-5805.json | 18 ++++++ 2024/5xxx/CVE-2024-5806.json | 18 ++++++ 93 files changed, 1510 insertions(+), 232 deletions(-) create mode 100644 2024/5xxx/CVE-2024-5800.json create mode 100644 2024/5xxx/CVE-2024-5801.json create mode 100644 2024/5xxx/CVE-2024-5802.json create mode 100644 2024/5xxx/CVE-2024-5803.json create mode 100644 2024/5xxx/CVE-2024-5804.json create mode 100644 2024/5xxx/CVE-2024-5805.json create mode 100644 2024/5xxx/CVE-2024-5806.json diff --git a/2000/0xxx/CVE-2000-0476.json b/2000/0xxx/CVE-2000-0476.json index efbd7036728..411f02bbad6 100644 --- a/2000/0xxx/CVE-2000-0476.json +++ b/2000/0xxx/CVE-2000-0476.json @@ -71,11 +71,6 @@ "refsource": "MLIST", "name": "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535", "url": "http://www.openwall.com/lists/oss-security/2024/06/09/1" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535", - "url": "http://www.openwall.com/lists/oss-security/2024/06/09/2" } ] } diff --git a/2023/31xxx/CVE-2023-31130.json b/2023/31xxx/CVE-2023-31130.json index de2c9944654..7c2b5a11960 100644 --- a/2023/31xxx/CVE-2023-31130.json +++ b/2023/31xxx/CVE-2023-31130.json @@ -88,6 +88,11 @@ "url": "https://security.gentoo.org/glsa/202310-09", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202310-09" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240605-0005/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240605-0005/" } ] }, diff --git a/2023/38xxx/CVE-2023-38729.json b/2023/38xxx/CVE-2023-38729.json index 384093002d2..b1a3d5123ff 100644 --- a/2023/38xxx/CVE-2023-38729.json +++ b/2023/38xxx/CVE-2023-38729.json @@ -63,6 +63,11 @@ "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259", "refsource": "MISC", "name": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240517-0004/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240517-0004/" } ] }, diff --git a/2023/42xxx/CVE-2023-42861.json b/2023/42xxx/CVE-2023-42861.json index d620b54fdb9..cd8897adb38 100644 --- a/2023/42xxx/CVE-2023-42861.json +++ b/2023/42xxx/CVE-2023-42861.json @@ -73,11 +73,6 @@ "url": "https://support.apple.com/kb/HT214107", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214107" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/13", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/13" } ] } diff --git a/2023/45xxx/CVE-2023-45681.json b/2023/45xxx/CVE-2023-45681.json index 898c34b400c..ac0c9078198 100644 --- a/2023/45xxx/CVE-2023-45681.json +++ b/2023/45xxx/CVE-2023-45681.json @@ -68,16 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBIPXOBWUHPAH4QHMVP2AWWAPDDZDQ66/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBIPXOBWUHPAH4QHMVP2AWWAPDDZDQ66/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WRORYQ2Z2XXHPX36JHBUSDVY6IOMW2N/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WRORYQ2Z2XXHPX36JHBUSDVY6IOMW2N/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/" } ] }, diff --git a/2023/47xxx/CVE-2023-47212.json b/2023/47xxx/CVE-2023-47212.json index 6b121a3e3c1..2db4cc01bce 100644 --- a/2023/47xxx/CVE-2023-47212.json +++ b/2023/47xxx/CVE-2023-47212.json @@ -63,16 +63,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBIPXOBWUHPAH4QHMVP2AWWAPDDZDQ66/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBIPXOBWUHPAH4QHMVP2AWWAPDDZDQ66/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WRORYQ2Z2XXHPX36JHBUSDVY6IOMW2N/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WRORYQ2Z2XXHPX36JHBUSDVY6IOMW2N/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/" } ] }, diff --git a/2023/6xxx/CVE-2023-6237.json b/2023/6xxx/CVE-2023-6237.json index 1a600457e0f..843a2fa6261 100644 --- a/2023/6xxx/CVE-2023-6237.json +++ b/2023/6xxx/CVE-2023-6237.json @@ -88,6 +88,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/03/11/1" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240531-0007/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240531-0007/" } ] }, diff --git a/2023/6xxx/CVE-2023-6597.json b/2023/6xxx/CVE-2023-6597.json index 91a2efbefe6..e0e3d7ed1a6 100644 --- a/2023/6xxx/CVE-2023-6597.json +++ b/2023/6xxx/CVE-2023-6597.json @@ -123,6 +123,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/03/20/5" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" } ] }, diff --git a/2024/0xxx/CVE-2024-0450.json b/2024/0xxx/CVE-2024-0450.json index ac2a0e34265..c9b9fb21e24 100644 --- a/2024/0xxx/CVE-2024-0450.json +++ b/2024/0xxx/CVE-2024-0450.json @@ -139,6 +139,11 @@ "url": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675", "refsource": "MISC", "name": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" } ] }, diff --git a/2024/1xxx/CVE-2024-1874.json b/2024/1xxx/CVE-2024-1874.json index e9fb9aa59f4..62ab17d9c49 100644 --- a/2024/1xxx/CVE-2024-1874.json +++ b/2024/1xxx/CVE-2024-1874.json @@ -90,11 +90,6 @@ "url": "https://security.netapp.com/advisory/ntap-20240510-0009/", "refsource": "MISC", "name": "https://security.netapp.com/advisory/ntap-20240510-0009/" - }, - { - "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2024/06/07/1" } ] }, diff --git a/2024/21xxx/CVE-2024-21683.json b/2024/21xxx/CVE-2024-21683.json index dde1b13c76e..9ec20be6fb9 100644 --- a/2024/21xxx/CVE-2024-21683.json +++ b/2024/21xxx/CVE-2024-21683.json @@ -91,15 +91,15 @@ "status": "affected" }, { - "version": "8.9.1", + "version": "8.9.1 to 8.9.2", "status": "unaffected" }, { - "version": "8.5.9", + "version": "8.5.9 to 8.5.10", "status": "unaffected" }, { - "version": "7.19.22", + "version": "7.19.22 to 7.19.23", "status": "unaffected" } ] diff --git a/2024/21xxx/CVE-2024-21785.json b/2024/21xxx/CVE-2024-21785.json index ea5ca0b0375..897ec9bba80 100644 --- a/2024/21xxx/CVE-2024-21785.json +++ b/2024/21xxx/CVE-2024-21785.json @@ -63,6 +63,11 @@ "url": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038", "refsource": "MISC", "name": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1942", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1942" } ] }, diff --git a/2024/21xxx/CVE-2024-21823.json b/2024/21xxx/CVE-2024-21823.json index d80de80fb4e..d6276be07f5 100644 --- a/2024/21xxx/CVE-2024-21823.json +++ b/2024/21xxx/CVE-2024-21823.json @@ -62,6 +62,11 @@ "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html", "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/23xxx/CVE-2024-23296.json b/2024/23xxx/CVE-2024-23296.json index 08014e6abd1..5e55ad36fbf 100644 --- a/2024/23xxx/CVE-2024-23296.json +++ b/2024/23xxx/CVE-2024-23296.json @@ -108,16 +108,6 @@ "url": "https://support.apple.com/kb/HT214107", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214107" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/11", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/11" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/13", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/13" } ] } diff --git a/2024/23xxx/CVE-2024-23450.json b/2024/23xxx/CVE-2024-23450.json index 8e38245cdce..230e771a96a 100644 --- a/2024/23xxx/CVE-2024-23450.json +++ b/2024/23xxx/CVE-2024-23450.json @@ -69,6 +69,11 @@ "url": "https://www.elastic.co/community/security", "refsource": "MISC", "name": "https://www.elastic.co/community/security" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240517-0010/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240517-0010/" } ] }, diff --git a/2024/23xxx/CVE-2024-23601.json b/2024/23xxx/CVE-2024-23601.json index fe088262d6d..59b35cf6e85 100644 --- a/2024/23xxx/CVE-2024-23601.json +++ b/2024/23xxx/CVE-2024-23601.json @@ -63,6 +63,11 @@ "url": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003ycL2AQ/sa00039", "refsource": "MISC", "name": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003ycL2AQ/sa00039" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1943", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1943" } ] }, diff --git a/2024/24xxx/CVE-2024-24583.json b/2024/24xxx/CVE-2024-24583.json index 12718efad54..1f5dfff6568 100644 --- a/2024/24xxx/CVE-2024-24583.json +++ b/2024/24xxx/CVE-2024-24583.json @@ -58,6 +58,11 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928" } ] }, diff --git a/2024/24xxx/CVE-2024-24584.json b/2024/24xxx/CVE-2024-24584.json index 6d4f1bfca87..8769acc3877 100644 --- a/2024/24xxx/CVE-2024-24584.json +++ b/2024/24xxx/CVE-2024-24584.json @@ -58,6 +58,11 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928" } ] }, diff --git a/2024/24xxx/CVE-2024-24788.json b/2024/24xxx/CVE-2024-24788.json index f37b3a4f161..cfb5d1cd548 100644 --- a/2024/24xxx/CVE-2024-24788.json +++ b/2024/24xxx/CVE-2024-24788.json @@ -78,6 +78,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/05/08/3", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/05/08/3" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240605-0002/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240605-0002/" } ] }, diff --git a/2024/24xxx/CVE-2024-24806.json b/2024/24xxx/CVE-2024-24806.json index eae630d297a..ce8c146b9b5 100644 --- a/2024/24xxx/CVE-2024-24806.json +++ b/2024/24xxx/CVE-2024-24806.json @@ -98,6 +98,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/03/11/1" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240605-0008/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240605-0008/" } ] }, diff --git a/2024/24xxx/CVE-2024-24989.json b/2024/24xxx/CVE-2024-24989.json index e3f005e2a9c..a1c8e8a6980 100644 --- a/2024/24xxx/CVE-2024-24989.json +++ b/2024/24xxx/CVE-2024-24989.json @@ -71,6 +71,11 @@ "url": "https://my.f5.com/manage/s/article/K000138444", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000138444" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/4" } ] }, diff --git a/2024/24xxx/CVE-2024-24990.json b/2024/24xxx/CVE-2024-24990.json index 04357e99de4..81b4ff50bb0 100644 --- a/2024/24xxx/CVE-2024-24990.json +++ b/2024/24xxx/CVE-2024-24990.json @@ -76,6 +76,11 @@ "url": "https://my.f5.com/manage/s/article/K000138445", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000138445" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/4" } ] }, diff --git a/2024/25xxx/CVE-2024-25642.json b/2024/25xxx/CVE-2024-25642.json index 47b87a9696d..5bd2976f117 100644 --- a/2024/25xxx/CVE-2024-25642.json +++ b/2024/25xxx/CVE-2024-25642.json @@ -63,6 +63,11 @@ "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "refsource": "MISC", "name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/May/26", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/May/26" } ] }, diff --git a/2024/26xxx/CVE-2024-26144.json b/2024/26xxx/CVE-2024-26144.json index 69dd779e29e..691d351f3d0 100644 --- a/2024/26xxx/CVE-2024-26144.json +++ b/2024/26xxx/CVE-2024-26144.json @@ -82,6 +82,11 @@ "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml", "refsource": "MISC", "name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2024-26144.yml" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240510-0013/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240510-0013/" } ] }, diff --git a/2024/26xxx/CVE-2024-26629.json b/2024/26xxx/CVE-2024-26629.json index bdf282810b1..1dd959e27a2 100644 --- a/2024/26xxx/CVE-2024-26629.json +++ b/2024/26xxx/CVE-2024-26629.json @@ -131,6 +131,11 @@ "url": "https://git.kernel.org/stable/c/edcf9725150e42beeca42d085149f4c88fa97afd", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/edcf9725150e42beeca42d085149f4c88fa97afd" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/27xxx/CVE-2024-27254.json b/2024/27xxx/CVE-2024-27254.json index 1cbd500e23a..52d7b5a94bd 100644 --- a/2024/27xxx/CVE-2024-27254.json +++ b/2024/27xxx/CVE-2024-27254.json @@ -63,6 +63,11 @@ "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/283813", "refsource": "MISC", "name": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/283813" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240517-0004/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240517-0004/" } ] }, diff --git a/2024/27xxx/CVE-2024-27398.json b/2024/27xxx/CVE-2024-27398.json index d21dbc73aeb..58cd34d7ab0 100644 --- a/2024/27xxx/CVE-2024-27398.json +++ b/2024/27xxx/CVE-2024-27398.json @@ -174,6 +174,11 @@ "url": "https://git.kernel.org/stable/c/483bc08181827fc475643272ffb69c533007e546", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/483bc08181827fc475643272ffb69c533007e546" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/27xxx/CVE-2024-27399.json b/2024/27xxx/CVE-2024-27399.json index 27ea9bd9e30..d3543927364 100644 --- a/2024/27xxx/CVE-2024-27399.json +++ b/2024/27xxx/CVE-2024-27399.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/adf0398cee86643b8eacde95f17d073d022f782c", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/adf0398cee86643b8eacde95f17d073d022f782c" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/27xxx/CVE-2024-27400.json b/2024/27xxx/CVE-2024-27400.json index 298b78517e1..0b9a2a0ad1a 100644 --- a/2024/27xxx/CVE-2024-27400.json +++ b/2024/27xxx/CVE-2024-27400.json @@ -125,6 +125,11 @@ "url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/27xxx/CVE-2024-27401.json b/2024/27xxx/CVE-2024-27401.json index e7477694d34..c7fedd76590 100644 --- a/2024/27xxx/CVE-2024-27401.json +++ b/2024/27xxx/CVE-2024-27401.json @@ -149,6 +149,11 @@ "url": "https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/27xxx/CVE-2024-27789.json b/2024/27xxx/CVE-2024-27789.json index 6e20df9a6a0..91fad9f49a2 100644 --- a/2024/27xxx/CVE-2024-27789.json +++ b/2024/27xxx/CVE-2024-27789.json @@ -95,21 +95,6 @@ "url": "https://support.apple.com/kb/HT214107", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214107" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/11", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/11" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/14", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/14" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/13", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/13" } ] } diff --git a/2024/27xxx/CVE-2024-27804.json b/2024/27xxx/CVE-2024-27804.json index b0b5fd73028..f8b8b3b95a5 100644 --- a/2024/27xxx/CVE-2024-27804.json +++ b/2024/27xxx/CVE-2024-27804.json @@ -114,21 +114,6 @@ "url": "http://seclists.org/fulldisclosure/2024/May/17", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/May/17" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/10", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/10" - }, - { - "url": "https://support.apple.com/kb/HT214102", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214102" - }, - { - "url": "https://support.apple.com/kb/HT214104", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214104" } ] } diff --git a/2024/27xxx/CVE-2024-27810.json b/2024/27xxx/CVE-2024-27810.json index 5befb0c0a81..ec8cd82b853 100644 --- a/2024/27xxx/CVE-2024-27810.json +++ b/2024/27xxx/CVE-2024-27810.json @@ -114,21 +114,6 @@ "url": "http://seclists.org/fulldisclosure/2024/May/17", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/May/17" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/10", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/10" - }, - { - "url": "https://support.apple.com/kb/HT214102", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214102" - }, - { - "url": "https://support.apple.com/kb/HT214104", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214104" } ] } diff --git a/2024/27xxx/CVE-2024-27816.json b/2024/27xxx/CVE-2024-27816.json index bb4948738b3..53447bc45c5 100644 --- a/2024/27xxx/CVE-2024-27816.json +++ b/2024/27xxx/CVE-2024-27816.json @@ -114,21 +114,6 @@ "url": "http://seclists.org/fulldisclosure/2024/May/17", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/May/17" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/10", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/10" - }, - { - "url": "https://support.apple.com/kb/HT214102", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214102" - }, - { - "url": "https://support.apple.com/kb/HT214104", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT214104" } ] } diff --git a/2024/27xxx/CVE-2024-27834.json b/2024/27xxx/CVE-2024-27834.json index 58dade13668..a0ecf87a8f2 100644 --- a/2024/27xxx/CVE-2024-27834.json +++ b/2024/27xxx/CVE-2024-27834.json @@ -131,16 +131,6 @@ "url": "http://seclists.org/fulldisclosure/2024/May/17", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/May/17" - }, - { - "url": "http://www.openwall.com/lists/oss-security/2024/05/21/1", - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2024/05/21/1" - }, - { - "url": "http://seclists.org/fulldisclosure/2024/May/10", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2024/May/10" } ] } diff --git a/2024/27xxx/CVE-2024-27983.json b/2024/27xxx/CVE-2024-27983.json index 30a2725750d..fd021e576d9 100644 --- a/2024/27xxx/CVE-2024-27983.json +++ b/2024/27xxx/CVE-2024-27983.json @@ -83,6 +83,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/04/03/16" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240510-0002/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240510-0002/" } ] }, diff --git a/2024/28xxx/CVE-2024-28834.json b/2024/28xxx/CVE-2024-28834.json index 761498252b6..1bfde4de93e 100644 --- a/2024/28xxx/CVE-2024-28834.json +++ b/2024/28xxx/CVE-2024-28834.json @@ -294,6 +294,11 @@ "url": "https://people.redhat.com/~hkario/marvin/", "refsource": "MISC", "name": "https://people.redhat.com/~hkario/marvin/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240524-0004/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240524-0004/" } ] }, diff --git a/2024/2xxx/CVE-2024-2660.json b/2024/2xxx/CVE-2024-2660.json index 4fc24b0f5db..9600c5233ed 100644 --- a/2024/2xxx/CVE-2024-2660.json +++ b/2024/2xxx/CVE-2024-2660.json @@ -90,6 +90,11 @@ "url": "https://discuss.hashicorp.com/t/hcsec-2024-07-vault-tls-cert-auth-method-did-not-correctly-validate-ocsp-responses/64573", "refsource": "MISC", "name": "https://discuss.hashicorp.com/t/hcsec-2024-07-vault-tls-cert-auth-method-did-not-correctly-validate-ocsp-responses/64573" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240524-0007/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240524-0007/" } ] }, diff --git a/2024/2xxx/CVE-2024-2757.json b/2024/2xxx/CVE-2024-2757.json index 4b2051db657..c05b989df3d 100644 --- a/2024/2xxx/CVE-2024-2757.json +++ b/2024/2xxx/CVE-2024-2757.json @@ -63,6 +63,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/04/12/11" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240510-0011/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240510-0011/" } ] }, diff --git a/2024/31xxx/CVE-2024-31079.json b/2024/31xxx/CVE-2024-31079.json index 20568b3ae93..08ee4c4c9ee 100644 --- a/2024/31xxx/CVE-2024-31079.json +++ b/2024/31xxx/CVE-2024-31079.json @@ -71,6 +71,11 @@ "url": "https://my.f5.com/manage/s/article/K000139611", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000139611" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ] }, diff --git a/2024/31xxx/CVE-2024-31611.json b/2024/31xxx/CVE-2024-31611.json index 5fa0b7cda70..dceb73dcb11 100644 --- a/2024/31xxx/CVE-2024-31611.json +++ b/2024/31xxx/CVE-2024-31611.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31611", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31611", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SeaCMS 12.9 has a file deletion vulnerability via admin_template.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/ss122-0ss/seacms/blob/main/readme.md", + "url": "https://github.com/ss122-0ss/seacms/blob/main/readme.md" } ] } diff --git a/2024/32xxx/CVE-2024-32760.json b/2024/32xxx/CVE-2024-32760.json index 0fa4480017f..36b21a2caa1 100644 --- a/2024/32xxx/CVE-2024-32760.json +++ b/2024/32xxx/CVE-2024-32760.json @@ -71,6 +71,11 @@ "url": "https://my.f5.com/manage/s/article/K000139609", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000139609" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ] }, diff --git a/2024/33xxx/CVE-2024-33655.json b/2024/33xxx/CVE-2024-33655.json index b39380fdab0..9fe8e1f6796 100644 --- a/2024/33xxx/CVE-2024-33655.json +++ b/2024/33xxx/CVE-2024-33655.json @@ -101,6 +101,11 @@ "refsource": "MISC", "name": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398", "url": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-9df760819c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QITY2QBX2OCBTZIXD2A5ES62STFIA4AL/" } ] } diff --git a/2024/34xxx/CVE-2024-34064.json b/2024/34xxx/CVE-2024-34064.json index 966186482c3..d5d997ceeeb 100644 --- a/2024/34xxx/CVE-2024-34064.json +++ b/2024/34xxx/CVE-2024-34064.json @@ -73,11 +73,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS/" } ] }, diff --git a/2024/34xxx/CVE-2024-34161.json b/2024/34xxx/CVE-2024-34161.json index 1a3b6193bb0..445a4893457 100644 --- a/2024/34xxx/CVE-2024-34161.json +++ b/2024/34xxx/CVE-2024-34161.json @@ -71,6 +71,11 @@ "url": "https://my.f5.com/manage/s/article/K000139627", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000139627" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ] }, diff --git a/2024/34xxx/CVE-2024-34397.json b/2024/34xxx/CVE-2024-34397.json index 44e327f4793..cd045f15860 100644 --- a/2024/34xxx/CVE-2024-34397.json +++ b/2024/34xxx/CVE-2024-34397.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20240513 [SECURITY] [DLA 3814-1] glib2.0 security update", "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240531-0008/", + "url": "https://security.netapp.com/advisory/ntap-20240531-0008/" } ] } diff --git a/2024/34xxx/CVE-2024-34459.json b/2024/34xxx/CVE-2024-34459.json index bb8e1ed34ba..7d1822d45ca 100644 --- a/2024/34xxx/CVE-2024-34459.json +++ b/2024/34xxx/CVE-2024-34459.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-08e01e9f2f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/" } ] } diff --git a/2024/35xxx/CVE-2024-35200.json b/2024/35xxx/CVE-2024-35200.json index a58f3f127ec..fc65b7f5698 100644 --- a/2024/35xxx/CVE-2024-35200.json +++ b/2024/35xxx/CVE-2024-35200.json @@ -71,6 +71,11 @@ "url": "https://my.f5.com/manage/s/article/K000139612", "refsource": "MISC", "name": "https://my.f5.com/manage/s/article/K000139612" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ] }, diff --git a/2024/35xxx/CVE-2024-35728.json b/2024/35xxx/CVE-2024-35728.json index 5389f971d03..e909fbe6a21 100644 --- a/2024/35xxx/CVE-2024-35728.json +++ b/2024/35xxx/CVE-2024-35728.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35728", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Themeisle", + "product": { + "product_data": [ + { + "product_name": "PPOM for WooCommerce", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "32.0.21", + "status": "unaffected" + } + ], + "lessThanOrEqual": "32.0.20", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/woocommerce-product-addon/wordpress-product-addons-fields-for-woocommerce-plugin-32-0-20-content-injection-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/woocommerce-product-addon/wordpress-product-addons-fields-for-woocommerce-plugin-32-0-20-content-injection-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 32.0.21 or a higher version." + } + ], + "value": "Update to 32.0.21 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Savphill (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35743.json b/2024/35xxx/CVE-2024-35743.json index 2bb481c341e..a2234eba6b0 100644 --- a/2024/35xxx/CVE-2024-35743.json +++ b/2024/35xxx/CVE-2024-35743.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35743", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Siteclean", + "product": { + "product_data": [ + { + "product_name": "SC filechecker", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-file-checker/wordpress-sc-filechecker-plugin-0-6-arbitrary-file-deletion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/wp-file-checker/wordpress-sc-filechecker-plugin-0-6-arbitrary-file-deletion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "YC_Infosec (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35744.json b/2024/35xxx/CVE-2024-35744.json index baecc12b5bf..d32efe10c51 100644 --- a/2024/35xxx/CVE-2024-35744.json +++ b/2024/35xxx/CVE-2024-35744.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35744", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Ravidhu Dissanayake", + "product": { + "product_data": [ + { + "product_name": "Upunzipper", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/upunzipper/wordpress-upunzipper-plugin-1-0-0-arbitrary-file-deletion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/upunzipper/wordpress-upunzipper-plugin-1-0-0-arbitrary-file-deletion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "YC_Infosec (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35745.json b/2024/35xxx/CVE-2024-35745.json index 84f75c79660..4e53080f90a 100644 --- a/2024/35xxx/CVE-2024-35745.json +++ b/2024/35xxx/CVE-2024-35745.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35745", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation.This issue affects Strategery Migrations: from n/a through 1.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Gabriel Somoza / Joseph Fitzgibbons", + "product": { + "product_data": [ + { + "product_name": "Strategery Migrations", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/strategery-migrations/wordpress-strategery-migrations-plugin-1-0-arbitrary-file-deletion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/strategery-migrations/wordpress-strategery-migrations-plugin-1-0-arbitrary-file-deletion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "YC_Infosec (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35746.json b/2024/35xxx/CVE-2024-35746.json index d60c61a71bf..b43e9c44271 100644 --- a/2024/35xxx/CVE-2024-35746.json +++ b/2024/35xxx/CVE-2024-35746.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35746", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Asghar Hatampoor", + "product": { + "product_data": [ + { + "product_name": "BuddyPress Cover", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "2.1.4.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "YC_Infosec (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35747.json b/2024/35xxx/CVE-2024-35747.json index 92d2ff106e8..d21f7a69682 100644 --- a/2024/35xxx/CVE-2024-35747.json +++ b/2024/35xxx/CVE-2024-35747.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35747", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-307 Improper Restriction of Excessive Authentication Attempts", + "cweId": "CWE-307" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevart", + "product": { + "product_data": [ + { + "product_name": "Contact Form Builder, Contact Widget", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "2.1.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/contact-forms-builder/wordpress-contact-form-builder-contact-widget-plugin-2-1-7-bypass-vulnerability-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/contact-forms-builder/wordpress-contact-form-builder-contact-widget-plugin-2-1-7-bypass-vulnerability-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Joshua Chan (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35749.json b/2024/35xxx/CVE-2024-35749.json index 006d0c2c5ec..8ba246c6cfc 100644 --- a/2024/35xxx/CVE-2024-35749.json +++ b/2024/35xxx/CVE-2024-35749.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35749", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-290 Authentication Bypass by Spoofing", + "cweId": "CWE-290" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Acurax", + "product": { + "product_data": [ + { + "product_name": "Under Construction / Maintenance Mode from Acurax", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "2.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/coming-soon-maintenance-mode-from-acurax/wordpress-under-construction-maintenance-mode-from-acurax-plugin-2-6-ip-bypass-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/coming-soon-maintenance-mode-from-acurax/wordpress-under-construction-maintenance-mode-from-acurax-plugin-2-6-ip-bypass-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Mika (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35754.json b/2024/35xxx/CVE-2024-35754.json index f57e366b20d..0359ce7114a 100644 --- a/2024/35xxx/CVE-2024-35754.json +++ b/2024/35xxx/CVE-2024-35754.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35754", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Ovic Team", + "product": { + "product_data": [ + { + "product_name": "Ovic Importer", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.6.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/ovic-import-demo/wordpress-ovic-importer-plugin-1-6-3-arbitrary-file-download-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/ovic-import-demo/wordpress-ovic-importer-plugin-1-6-3-arbitrary-file-download-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Majed Refaea (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35844.json b/2024/35xxx/CVE-2024-35844.json index bb8d76f3ada..f273d11485e 100644 --- a/2024/35xxx/CVE-2024-35844.json +++ b/2024/35xxx/CVE-2024-35844.json @@ -137,6 +137,11 @@ "url": "https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/35xxx/CVE-2024-35867.json b/2024/35xxx/CVE-2024-35867.json index 64be43b9792..85ceeda975b 100644 --- a/2024/35xxx/CVE-2024-35867.json +++ b/2024/35xxx/CVE-2024-35867.json @@ -105,6 +105,11 @@ "url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/35xxx/CVE-2024-35904.json b/2024/35xxx/CVE-2024-35904.json index ce972b48014..9225fc4bf30 100644 --- a/2024/35xxx/CVE-2024-35904.json +++ b/2024/35xxx/CVE-2024-35904.json @@ -104,6 +104,11 @@ "url": "https://git.kernel.org/stable/c/37801a36b4d68892ce807264f784d818f8d0d39b", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/37801a36b4d68892ce807264f784d818f8d0d39b" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/35xxx/CVE-2024-35947.json b/2024/35xxx/CVE-2024-35947.json index c2088200708..5e2c2659b26 100644 --- a/2024/35xxx/CVE-2024-35947.json +++ b/2024/35xxx/CVE-2024-35947.json @@ -149,6 +149,11 @@ "url": "https://git.kernel.org/stable/c/00e7d3bea2ce7dac7bee1cf501fb071fd0ea8f6c", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/00e7d3bea2ce7dac7bee1cf501fb071fd0ea8f6c" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/35xxx/CVE-2024-35949.json b/2024/35xxx/CVE-2024-35949.json index 1ff1d361c2a..a1d98cc6158 100644 --- a/2024/35xxx/CVE-2024-35949.json +++ b/2024/35xxx/CVE-2024-35949.json @@ -83,6 +83,11 @@ "url": "https://git.kernel.org/stable/c/e03418abde871314e1a3a550f4c8afb7b89cb273", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/e03418abde871314e1a3a550f4c8afb7b89cb273" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/" } ] }, diff --git a/2024/35xxx/CVE-2024-35951.json b/2024/35xxx/CVE-2024-35951.json index 15bd8a7b4ad..7519a9478b1 100644 --- a/2024/35xxx/CVE-2024-35951.json +++ b/2024/35xxx/CVE-2024-35951.json @@ -104,6 +104,11 @@ "url": "https://git.kernel.org/stable/c/1fc9af813b25e146d3607669247d0f970f5a87c3", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/1fc9af813b25e146d3607669247d0f970f5a87c3" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/35xxx/CVE-2024-35971.json b/2024/35xxx/CVE-2024-35971.json index 452c4a28cd0..bcb45206558 100644 --- a/2024/35xxx/CVE-2024-35971.json +++ b/2024/35xxx/CVE-2024-35971.json @@ -115,6 +115,11 @@ "url": "https://git.kernel.org/stable/c/be0384bf599cf1eb8d337517feeb732d71f75a6f", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/be0384bf599cf1eb8d337517feeb732d71f75a6f" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/36xxx/CVE-2024-36009.json b/2024/36xxx/CVE-2024-36009.json index a0710a6fb20..1586256742e 100644 --- a/2024/36xxx/CVE-2024-36009.json +++ b/2024/36xxx/CVE-2024-36009.json @@ -115,6 +115,11 @@ "url": "https://git.kernel.org/stable/c/467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/36xxx/CVE-2024-36013.json b/2024/36xxx/CVE-2024-36013.json index 606f557234c..f36ee126e33 100644 --- a/2024/36xxx/CVE-2024-36013.json +++ b/2024/36xxx/CVE-2024-36013.json @@ -104,6 +104,11 @@ "url": "https://git.kernel.org/stable/c/4d7b41c0e43995b0e992b9f8903109275744b658", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/4d7b41c0e43995b0e992b9f8903109275744b658" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/30/2" } ] }, diff --git a/2024/36xxx/CVE-2024-36048.json b/2024/36xxx/CVE-2024-36048.json index d5d41d1bd63..272f134886f 100644 --- a/2024/36xxx/CVE-2024-36048.json +++ b/2024/36xxx/CVE-2024-36048.json @@ -66,16 +66,6 @@ "refsource": "FEDORA", "name": "FEDORA-2024-3936682805", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGB6KUPJFQWUBKXVDPJUMAD6KNJJEWPW/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2024-bfb8617ba3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZPHAI3DKDCIU6XLNS6PV6GFS2PHH3GZM/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2024-2e27372d4c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOOZZZSK5PNRHFGQMUGUHVYWLILFJCRS/" } ] } diff --git a/2024/36xxx/CVE-2024-36407.json b/2024/36xxx/CVE-2024-36407.json index 9b12ed23bc1..ae08123b97d 100644 --- a/2024/36xxx/CVE-2024-36407.json +++ b/2024/36xxx/CVE-2024-36407.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36407", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, a user password can be reset from an unauthenticated attacker. The attacker does not get access to the new password. But this can be annoying for the user. This attack is also dependent on some password reset functionalities being enabled. It also requires the system using php 7, which is not an officially supported version. Versions 7.14.4 and 8.6.1 contain a fix for this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password", + "cweId": "CWE-640" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "salesagility", + "product": { + "product_data": [ + { + "product_name": "SuiteCRM", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 7.14.4" + }, + { + "version_affected": "=", + "version_value": ">= 8.0.0, < 8.6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-6p2f-wwx9-952r", + "refsource": "MISC", + "name": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-6p2f-wwx9-952r" + } + ] + }, + "source": { + "advisory": "GHSA-6p2f-wwx9-952r", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 3.7, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" } ] } diff --git a/2024/36xxx/CVE-2024-36408.json b/2024/36xxx/CVE-2024-36408.json index 32de980582d..005db9bbb75 100644 --- a/2024/36xxx/CVE-2024-36408.json +++ b/2024/36xxx/CVE-2024-36408.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36408", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in the `Alerts` controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "salesagility", + "product": { + "product_data": [ + { + "product_name": "SuiteCRM", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 7.14.4" + }, + { + "version_affected": "=", + "version_value": ">= 8.0.0, < 8.6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg", + "refsource": "MISC", + "name": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg" + } + ] + }, + "source": { + "advisory": "GHSA-2g8f-gjrr-x5cg", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/37xxx/CVE-2024-37535.json b/2024/37xxx/CVE-2024-37535.json index eafc529f6d1..8aafeef99c4 100644 --- a/2024/37xxx/CVE-2024-37535.json +++ b/2024/37xxx/CVE-2024-37535.json @@ -66,11 +66,6 @@ "refsource": "MLIST", "name": "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535", "url": "http://www.openwall.com/lists/oss-security/2024/06/09/1" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535", - "url": "http://www.openwall.com/lists/oss-security/2024/06/09/2" } ] } diff --git a/2024/3xxx/CVE-2024-3850.json b/2024/3xxx/CVE-2024-3850.json index 749c83c98f6..6227759c7a3 100644 --- a/2024/3xxx/CVE-2024-3850.json +++ b/2024/3xxx/CVE-2024-3850.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3850", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is limited. Also, even if JavaScript is executed, no additional benefits are obtained." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Uniview", + "product": { + "product_data": [ + { + "product_name": "NVR301-04S2-P4", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "NVR-B3801.20.17.240507" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-156-01", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-156-01" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "ICSA-24-156-01", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\nUniview encourages users to obtain the fixed version, Uniview NVR-B3801.20.17.240507, and update. You may contact your local dealer, Uniview Service Hotline, or regional technical support for assistance.\n\n
" + } + ], + "value": "Uniview encourages users to obtain the fixed version, Uniview NVR-B3801.20.17.240507, and update. You may contact your local dealer, Uniview Service Hotline https://www.uniview.com/Support/Service_Hotline/ , or regional technical support for assistance." + } + ], + "credits": [ + { + "lang": "en", + "value": "CISA discovered a public Proof of Concept (PoC) as authored by Bleron Rrustemi and reported it to Uniview." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/4xxx/CVE-2024-4367.json b/2024/4xxx/CVE-2024-4367.json index 3660e8d10e7..387923e431e 100644 --- a/2024/4xxx/CVE-2024-4367.json +++ b/2024/4xxx/CVE-2024-4367.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/4xxx/CVE-2024-4603.json b/2024/4xxx/CVE-2024-4603.json index 373c4232cbf..172a6c41daf 100644 --- a/2024/4xxx/CVE-2024-4603.json +++ b/2024/4xxx/CVE-2024-4603.json @@ -93,6 +93,11 @@ "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", "refsource": "MISC", "name": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/05/16/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/05/16/2" } ] }, diff --git a/2024/4xxx/CVE-2024-4767.json b/2024/4xxx/CVE-2024-4767.json index 62ee51cc5f7..7aa155fbd10 100644 --- a/2024/4xxx/CVE-2024-4767.json +++ b/2024/4xxx/CVE-2024-4767.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/4xxx/CVE-2024-4768.json b/2024/4xxx/CVE-2024-4768.json index 7f3cda08a61..afae92f692f 100644 --- a/2024/4xxx/CVE-2024-4768.json +++ b/2024/4xxx/CVE-2024-4768.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/4xxx/CVE-2024-4769.json b/2024/4xxx/CVE-2024-4769.json index 42ed6602c1e..8d2781710e0 100644 --- a/2024/4xxx/CVE-2024-4769.json +++ b/2024/4xxx/CVE-2024-4769.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/4xxx/CVE-2024-4770.json b/2024/4xxx/CVE-2024-4770.json index a2ff6389425..06a708f4c79 100644 --- a/2024/4xxx/CVE-2024-4770.json +++ b/2024/4xxx/CVE-2024-4770.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/4xxx/CVE-2024-4777.json b/2024/4xxx/CVE-2024-4777.json index 95c09613cd2..61122429260 100644 --- a/2024/4xxx/CVE-2024-4777.json +++ b/2024/4xxx/CVE-2024-4777.json @@ -97,6 +97,11 @@ "url": "https://www.mozilla.org/security/advisories/mfsa2024-23/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2024-23/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html" } ] }, diff --git a/2024/5xxx/CVE-2024-5102.json b/2024/5xxx/CVE-2024-5102.json index 902a8aef6e2..7625605fdd4 100644 --- a/2024/5xxx/CVE-2024-5102.json +++ b/2024/5xxx/CVE-2024-5102.json @@ -1,18 +1,76 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5102", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@nortonlifelock.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\\SYSTEM.\u00a0The vulnerability exists within the \"Repair\" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\\SYSTEM. A\u00a0low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Elevation of Privilege to win a race-condition which will re-create the system files and make Windows callback to a specially-crafted file which could be used to launch a privileged shell instance.\n\nThis issue affects Avast Antivirus prior to 24.2." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1284 Improper Validation of Specified Quantity in Input", + "cweId": "CWE-1284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Avast", + "product": { + "product_data": [ + { + "product_name": "Antivirus", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "24.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", + "refsource": "MISC", + "name": "https://support.norton.com/sp/static/external/tools/security-advisories.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Naor Hodorov" + } + ] } \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5493.json b/2024/5xxx/CVE-2024-5493.json index 7fb0ba824dd..db55d79972a 100644 --- a/2024/5xxx/CVE-2024-5493.json +++ b/2024/5xxx/CVE-2024-5493.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5494.json b/2024/5xxx/CVE-2024-5494.json index a2d4258a083..00df039b7ba 100644 --- a/2024/5xxx/CVE-2024-5494.json +++ b/2024/5xxx/CVE-2024-5494.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5495.json b/2024/5xxx/CVE-2024-5495.json index a56d9fb54d1..6c86c7816c6 100644 --- a/2024/5xxx/CVE-2024-5495.json +++ b/2024/5xxx/CVE-2024-5495.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5496.json b/2024/5xxx/CVE-2024-5496.json index ce9ffb8d8d4..360d04d2b81 100644 --- a/2024/5xxx/CVE-2024-5496.json +++ b/2024/5xxx/CVE-2024-5496.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5497.json b/2024/5xxx/CVE-2024-5497.json index 47d883b98a4..a27a8eeb7fb 100644 --- a/2024/5xxx/CVE-2024-5497.json +++ b/2024/5xxx/CVE-2024-5497.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5498.json b/2024/5xxx/CVE-2024-5498.json index a283b097ca6..9541391d768 100644 --- a/2024/5xxx/CVE-2024-5498.json +++ b/2024/5xxx/CVE-2024-5498.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5499.json b/2024/5xxx/CVE-2024-5499.json index 7dcfca78ef7..cd0bbd34290 100644 --- a/2024/5xxx/CVE-2024-5499.json +++ b/2024/5xxx/CVE-2024-5499.json @@ -68,11 +68,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ] } diff --git a/2024/5xxx/CVE-2024-5597.json b/2024/5xxx/CVE-2024-5597.json index 6a97228a28d..1a541221b80 100644 --- a/2024/5xxx/CVE-2024-5597.json +++ b/2024/5xxx/CVE-2024-5597.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5597", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Fuji Electric Monitouch V-SFT\u00a0is vulnerable to a type confusion, which could cause a crash or code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-843 Type Confusion", + "cweId": "CWE-843" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fuji Electric", + "product": { + "product_data": [ + { + "product_name": "Monitouch V-SFT", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "6.2.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "ICSA-24-151-02", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Fuji Electric recommends users update the product to Monitouch V-SFT v6.2.3.0.\n\n
" + } + ], + "value": "Fuji Electric recommends users update the product to Monitouch V-SFT v6.2.3.0 https://felib.fujielectric.co.jp/en/M10009/M20104/document_detail/55ff739b-bd06-4241-b078-3b9c9728bdfd ." + } + ], + "credits": [ + { + "lang": "en", + "value": "kimiya working with Trend Micro Zero Day Initiative, reported these vulnerabilities to CISA." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/5xxx/CVE-2024-5800.json b/2024/5xxx/CVE-2024-5800.json new file mode 100644 index 00000000000..802ac322d88 --- /dev/null +++ b/2024/5xxx/CVE-2024-5800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5801.json b/2024/5xxx/CVE-2024-5801.json new file mode 100644 index 00000000000..edfe6f6dae8 --- /dev/null +++ b/2024/5xxx/CVE-2024-5801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5802.json b/2024/5xxx/CVE-2024-5802.json new file mode 100644 index 00000000000..2bc8d671bc7 --- /dev/null +++ b/2024/5xxx/CVE-2024-5802.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5802", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5803.json b/2024/5xxx/CVE-2024-5803.json new file mode 100644 index 00000000000..79d96ec2f59 --- /dev/null +++ b/2024/5xxx/CVE-2024-5803.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5803", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5804.json b/2024/5xxx/CVE-2024-5804.json new file mode 100644 index 00000000000..1bacf70749a --- /dev/null +++ b/2024/5xxx/CVE-2024-5804.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5804", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5805.json b/2024/5xxx/CVE-2024-5805.json new file mode 100644 index 00000000000..fc6df56d581 --- /dev/null +++ b/2024/5xxx/CVE-2024-5805.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5805", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5806.json b/2024/5xxx/CVE-2024-5806.json new file mode 100644 index 00000000000..c7c203234ab --- /dev/null +++ b/2024/5xxx/CVE-2024-5806.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file