diff --git a/2024/25xxx/CVE-2024-25157.json b/2024/25xxx/CVE-2024-25157.json index 6af5c651bf0..ef0eaac77bd 100644 --- a/2024/25xxx/CVE-2024-25157.json +++ b/2024/25xxx/CVE-2024-25157.json @@ -1,17 +1,110 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-25157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security.reports@fortra.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-303: Incorrect Implementation of Authentication Algorithm", + "cweId": "CWE-303" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortra", + "product": { + "product_data": [ + { + "product_name": "GoAnywhere MFT", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "7.6.0", + "status": "affected", + "version": "6.0.1", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.fortra.com/security/advisories/product-security/fi-2024-009", + "refsource": "MISC", + "name": "https://www.fortra.com/security/advisories/product-security/fi-2024-009" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Upgrade to GoAnywhere MFT 7.6.0
" + } + ], + "value": "Upgrade to GoAnywhere MFT 7.6.0" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/27xxx/CVE-2024-27267.json b/2024/27xxx/CVE-2024-27267.json index 2cc19b47e6f..6d76a6f051d 100644 --- a/2024/27xxx/CVE-2024-27267.json +++ b/2024/27xxx/CVE-2024-27267.json @@ -1,17 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27267", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. IBM X-Force ID: 284573." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-300 Channel Accessible by Non-Endpoint", + "cweId": "CWE-300" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "SDK, Java Technology Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.1.0.0", + "version_value": "7.1.5.18" + }, + { + "version_affected": "<=", + "version_name": "8.0.0.0", + "version_value": "8.0.8.26" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7165421", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7165421" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284573", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284573" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/28xxx/CVE-2024-28799.json b/2024/28xxx/CVE-2024-28799.json index 47096c3c96f..39ad9c9d2d4 100644 --- a/2024/28xxx/CVE-2024-28799.json +++ b/2024/28xxx/CVE-2024-28799.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28799", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-214 Invocation of Process Using Visible Sensitive Information", + "cweId": "CWE-214" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "QRadar Suite Software", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.10.12.0", + "version_value": "1.10.23.0" + } + ] + } + }, + { + "product_name": "Cloud Pak for Security", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.10.0.0", + "version_value": "1.10.11.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7165488", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7165488" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287173", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287173" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 5.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/34xxx/CVE-2024-34127.json b/2024/34xxx/CVE-2024-34127.json index 2c498fa4e63..660827c1305 100644 --- a/2024/34xxx/CVE-2024-34127.json +++ b/2024/34xxx/CVE-2024-34127.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-34127", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39383.json b/2024/39xxx/CVE-2024-39383.json index b760db53041..6bdeea11dda 100644 --- a/2024/39xxx/CVE-2024-39383.json +++ b/2024/39xxx/CVE-2024-39383.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39383", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39386.json b/2024/39xxx/CVE-2024-39386.json index cb77f82d071..f2fff144e14 100644 --- a/2024/39xxx/CVE-2024-39386.json +++ b/2024/39xxx/CVE-2024-39386.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39386", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Bridge", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "14.1.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39387.json b/2024/39xxx/CVE-2024-39387.json index f613c345517..133345ed1dc 100644 --- a/2024/39xxx/CVE-2024-39387.json +++ b/2024/39xxx/CVE-2024-39387.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39387", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Bridge", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "14.1.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39388.json b/2024/39xxx/CVE-2024-39388.json index 87fc865d02f..4d37e21034f 100644 --- a/2024/39xxx/CVE-2024-39388.json +++ b/2024/39xxx/CVE-2024-39388.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Substance3D - Stager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "3.0.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.htm", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.htm" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39389.json b/2024/39xxx/CVE-2024-39389.json index a14824492ff..a2f42df358e 100644 --- a/2024/39xxx/CVE-2024-39389.json +++ b/2024/39xxx/CVE-2024-39389.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39389", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Stack-based Buffer Overflow (CWE-121)", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39390.json b/2024/39xxx/CVE-2024-39390.json index 7e9ac95620d..fc2cabecd84 100644 --- a/2024/39xxx/CVE-2024-39390.json +++ b/2024/39xxx/CVE-2024-39390.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39390", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39391.json b/2024/39xxx/CVE-2024-39391.json index 3b874d8e19f..4617d7e2aa2 100644 --- a/2024/39xxx/CVE-2024-39391.json +++ b/2024/39xxx/CVE-2024-39391.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39391", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39393.json b/2024/39xxx/CVE-2024-39393.json index 54d2b6c5773..32c1acf03d4 100644 --- a/2024/39xxx/CVE-2024-39393.json +++ b/2024/39xxx/CVE-2024-39393.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39393", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39394.json b/2024/39xxx/CVE-2024-39394.json index 689f3fcbecf..e09ff60e0ac 100644 --- a/2024/39xxx/CVE-2024-39394.json +++ b/2024/39xxx/CVE-2024-39394.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39394", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39395.json b/2024/39xxx/CVE-2024-39395.json index 8322df6fea7..f2f478a95a1 100644 --- a/2024/39xxx/CVE-2024-39395.json +++ b/2024/39xxx/CVE-2024-39395.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39395", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "NULL Pointer Dereference (CWE-476)", + "cweId": "CWE-476" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "NONE", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39420.json b/2024/39xxx/CVE-2024-39420.json index 3e8b947521e..337282bbf19 100644 --- a/2024/39xxx/CVE-2024-39420.json +++ b/2024/39xxx/CVE-2024-39420.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39420", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when the state of a resource changes between its check-time and use-time, allowing an attacker to manipulate the resource. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)", + "cweId": "CWE-367" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39422.json b/2024/39xxx/CVE-2024-39422.json index a5a825abcc7..d47393edb52 100644 --- a/2024/39xxx/CVE-2024-39422.json +++ b/2024/39xxx/CVE-2024-39422.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39422", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39423.json b/2024/39xxx/CVE-2024-39423.json index d2f1bea2015..684f72526b6 100644 --- a/2024/39xxx/CVE-2024-39423.json +++ b/2024/39xxx/CVE-2024-39423.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39423", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39424.json b/2024/39xxx/CVE-2024-39424.json index 8c2508b707d..7c794edd7dc 100644 --- a/2024/39xxx/CVE-2024-39424.json +++ b/2024/39xxx/CVE-2024-39424.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39424", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39425.json b/2024/39xxx/CVE-2024-39425.json index 9bdb06cc66a..08165471133 100644 --- a/2024/39xxx/CVE-2024-39425.json +++ b/2024/39xxx/CVE-2024-39425.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)", + "cweId": "CWE-367" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "HIGH", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "LOW", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "NONE", + "privilegesRequired": "LOW", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7, + "temporalSeverity": "HIGH", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/39xxx/CVE-2024-39426.json b/2024/39xxx/CVE-2024-39426.json index 3501490c377..efd832d4b3a 100644 --- a/2024/39xxx/CVE-2024-39426.json +++ b/2024/39xxx/CVE-2024-39426.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39426", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41830.json b/2024/41xxx/CVE-2024-41830.json index 9cd80fb37ec..d106f6736c9 100644 --- a/2024/41xxx/CVE-2024-41830.json +++ b/2024/41xxx/CVE-2024-41830.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41830", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41831.json b/2024/41xxx/CVE-2024-41831.json index ff17f64caad..4e8eb8463cb 100644 --- a/2024/41xxx/CVE-2024-41831.json +++ b/2024/41xxx/CVE-2024-41831.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41831", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free (CWE-416)", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41832.json b/2024/41xxx/CVE-2024-41832.json index b67cc4c9ba4..74a4dbf49e8 100644 --- a/2024/41xxx/CVE-2024-41832.json +++ b/2024/41xxx/CVE-2024-41832.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41832", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41833.json b/2024/41xxx/CVE-2024-41833.json index efeccf230e6..242cdf77c70 100644 --- a/2024/41xxx/CVE-2024-41833.json +++ b/2024/41xxx/CVE-2024-41833.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41833", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41834.json b/2024/41xxx/CVE-2024-41834.json index fca3c86d51d..66f8bafaa39 100644 --- a/2024/41xxx/CVE-2024-41834.json +++ b/2024/41xxx/CVE-2024-41834.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41834", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41835.json b/2024/41xxx/CVE-2024-41835.json index e51de2f5cab..9b1198aebec 100644 --- a/2024/41xxx/CVE-2024-41835.json +++ b/2024/41xxx/CVE-2024-41835.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41835", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "24.001.30123", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41840.json b/2024/41xxx/CVE-2024-41840.json index 947a19a81a5..fa80ef398be 100644 --- a/2024/41xxx/CVE-2024-41840.json +++ b/2024/41xxx/CVE-2024-41840.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41840", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "Bridge", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "14.1.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/bridge/apsb24-59.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41850.json b/2024/41xxx/CVE-2024-41850.json index 713bfc07a7e..8fa525e0030 100644 --- a/2024/41xxx/CVE-2024-41850.json +++ b/2024/41xxx/CVE-2024-41850.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41850", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow (CWE-122)", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41851.json b/2024/41xxx/CVE-2024-41851.json index 3b07bd1095f..b695d2487e1 100644 --- a/2024/41xxx/CVE-2024-41851.json +++ b/2024/41xxx/CVE-2024-41851.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41851", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow or Wraparound (CWE-190)", + "cweId": "CWE-190" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41852.json b/2024/41xxx/CVE-2024-41852.json index 9cd638e9a70..7f7d03fe1ad 100644 --- a/2024/41xxx/CVE-2024-41852.json +++ b/2024/41xxx/CVE-2024-41852.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41852", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Stack-based Buffer Overflow (CWE-121)", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41853.json b/2024/41xxx/CVE-2024-41853.json index bbd4e0839ac..70328249653 100644 --- a/2024/41xxx/CVE-2024-41853.json +++ b/2024/41xxx/CVE-2024-41853.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41853", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow (CWE-122)", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 7.8, + "environmentalSeverity": "HIGH", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "HIGH", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "HIGH", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 7.8, + "temporalSeverity": "HIGH", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41854.json b/2024/41xxx/CVE-2024-41854.json index 5b2245dbbdd..0ce14edd7d1 100644 --- a/2024/41xxx/CVE-2024-41854.json +++ b/2024/41xxx/CVE-2024-41854.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41854", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "NONE", + "modifiedConfidentialityImpact": "HIGH", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/41xxx/CVE-2024-41866.json b/2024/41xxx/CVE-2024-41866.json index b76e875b513..a9def34bb48 100644 --- a/2024/41xxx/CVE-2024-41866.json +++ b/2024/41xxx/CVE-2024-41866.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41866", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "NULL Pointer Dereference (CWE-476)", + "cweId": "CWE-476" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe", + "product": { + "product_data": [ + { + "product_name": "InDesign Desktop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "ID18.5.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html", + "refsource": "MISC", + "name": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "availabilityRequirement": "NOT_DEFINED", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "confidentialityRequirement": "NOT_DEFINED", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", + "exploitCodeMaturity": "NOT_DEFINED", + "integrityImpact": "NONE", + "integrityRequirement": "NOT_DEFINED", + "modifiedAttackComplexity": "LOW", + "modifiedAttackVector": "LOCAL", + "modifiedAvailabilityImpact": "HIGH", + "modifiedConfidentialityImpact": "NONE", + "modifiedIntegrityImpact": "NONE", + "modifiedPrivilegesRequired": "NONE", + "modifiedScope": "NOT_DEFINED", + "modifiedUserInteraction": "REQUIRED", + "privilegesRequired": "NONE", + "remediationLevel": "NOT_DEFINED", + "reportConfidence": "NOT_DEFINED", + "scope": "UNCHANGED", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/43xxx/CVE-2024-43683.json b/2024/43xxx/CVE-2024-43683.json new file mode 100644 index 00000000000..ea1c19bb7a8 --- /dev/null +++ b/2024/43xxx/CVE-2024-43683.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43683", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/43xxx/CVE-2024-43684.json b/2024/43xxx/CVE-2024-43684.json new file mode 100644 index 00000000000..aa75a8ebe5f --- /dev/null +++ b/2024/43xxx/CVE-2024-43684.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43684", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/43xxx/CVE-2024-43685.json b/2024/43xxx/CVE-2024-43685.json new file mode 100644 index 00000000000..61af133c5a1 --- /dev/null +++ b/2024/43xxx/CVE-2024-43685.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43685", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/43xxx/CVE-2024-43686.json b/2024/43xxx/CVE-2024-43686.json new file mode 100644 index 00000000000..50b8501b163 --- /dev/null +++ b/2024/43xxx/CVE-2024-43686.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43686", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/43xxx/CVE-2024-43687.json b/2024/43xxx/CVE-2024-43687.json new file mode 100644 index 00000000000..9475b9a3524 --- /dev/null +++ b/2024/43xxx/CVE-2024-43687.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43687", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7347.json b/2024/7xxx/CVE-2024-7347.json index 32f6f56aab2..01ae7e6edee 100644 --- a/2024/7xxx/CVE-2024-7347.json +++ b/2024/7xxx/CVE-2024-7347.json @@ -44,19 +44,19 @@ "x_cve_json_5_version_data": { "versions": [ { + "status": "affected", + "version": "1.5.13", + "lessThan": "*", "changes": [ { "at": "1.26.2", "status": "unaffected" }, { - "at": "1.27.0", + "at": "1.27.1", "status": "unaffected" } ], - "lessThan": "*", - "status": "affected", - "version": "1.5.13", "versionType": "semver" } ], @@ -75,6 +75,9 @@ "x_cve_json_5_version_data": { "versions": [ { + "status": "affected", + "version": "R4", + "lessThan": "*", "changes": [ { "at": "R31 P3", @@ -85,9 +88,6 @@ "status": "unaffected" } ], - "lessThan": "*", - "status": "affected", - "version": "R4", "versionType": "custom" } ], @@ -127,18 +127,18 @@ "impact": { "cvss": [ { - "attackComplexity": "HIGH", + "version": "3.1", "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 4.7, - "baseSeverity": "MEDIUM", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" + "availabilityImpact": "HIGH", + "baseSeverity": "MEDIUM", + "baseScore": 4.7, + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ] } diff --git a/2024/7xxx/CVE-2024-7797.json b/2024/7xxx/CVE-2024-7797.json new file mode 100644 index 00000000000..c9384ffe131 --- /dev/null +++ b/2024/7xxx/CVE-2024-7797.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7797", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7798.json b/2024/7xxx/CVE-2024-7798.json new file mode 100644 index 00000000000..f629657583f --- /dev/null +++ b/2024/7xxx/CVE-2024-7798.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7798", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7799.json b/2024/7xxx/CVE-2024-7799.json new file mode 100644 index 00000000000..528bc527c8e --- /dev/null +++ b/2024/7xxx/CVE-2024-7799.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7799", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7800.json b/2024/7xxx/CVE-2024-7800.json new file mode 100644 index 00000000000..996f852bb57 --- /dev/null +++ b/2024/7xxx/CVE-2024-7800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7801.json b/2024/7xxx/CVE-2024-7801.json new file mode 100644 index 00000000000..10d9c72f2d7 --- /dev/null +++ b/2024/7xxx/CVE-2024-7801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file