diff --git a/2021/1xxx/CVE-2021-1466.json b/2021/1xxx/CVE-2021-1466.json index 20971f189e7..9af1530e73a 100644 --- a/2021/1xxx/CVE-2021-1466.json +++ b/2021/1xxx/CVE-2021-1466.json @@ -1,17 +1,242 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-1466", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to incomplete bounds checks for data that is provided to the vDaemon service of an affected system. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could allow the attacker to cause the vDaemon listening service to reload and result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Catalyst SD-WAN Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "19.2.1" + }, + { + "version_affected": "=", + "version_value": "18.4.4" + }, + { + "version_affected": "=", + "version_value": "20.1.1.1" + }, + { + "version_affected": "=", + "version_value": "20.1.1" + }, + { + "version_affected": "=", + "version_value": "19.3.0" + }, + { + "version_affected": "=", + "version_value": "19.2.2" + }, + { + "version_affected": "=", + "version_value": "19.2.099" + }, + { + "version_affected": "=", + "version_value": "18.3.6" + }, + { + "version_affected": "=", + "version_value": "18.3.7" + }, + { + "version_affected": "=", + "version_value": "19.2.0" + }, + { + "version_affected": "=", + "version_value": "18.3.8" + }, + { + "version_affected": "=", + "version_value": "19.0.0" + }, + { + "version_affected": "=", + "version_value": "19.1.0" + }, + { + "version_affected": "=", + "version_value": "18.4.302" + }, + { + "version_affected": "=", + "version_value": "18.4.303" + }, + { + "version_affected": "=", + "version_value": "19.2.097" + }, + { + "version_affected": "=", + "version_value": "19.2.098" + }, + { + "version_affected": "=", + "version_value": "17.2.10" + }, + { + "version_affected": "=", + "version_value": "18.3.6.1" + }, + { + "version_affected": "=", + "version_value": "19.0.1a" + }, + { + "version_affected": "=", + "version_value": "18.2.0" + }, + { + "version_affected": "=", + "version_value": "18.4.3" + }, + { + "version_affected": "=", + "version_value": "18.4.1" + }, + { + "version_affected": "=", + "version_value": "17.2.8" + }, + { + "version_affected": "=", + "version_value": "18.3.3.1" + }, + { + "version_affected": "=", + "version_value": "18.4.0" + }, + { + "version_affected": "=", + "version_value": "18.3.1" + }, + { + "version_affected": "=", + "version_value": "17.2.6" + }, + { + "version_affected": "=", + "version_value": "17.2.9" + }, + { + "version_affected": "=", + "version_value": "18.3.4" + }, + { + "version_affected": "=", + "version_value": "17.2.5" + }, + { + "version_affected": "=", + "version_value": "18.3.1.1" + }, + { + "version_affected": "=", + "version_value": "18.3.5" + }, + { + "version_affected": "=", + "version_value": "18.4.0.1" + }, + { + "version_affected": "=", + "version_value": "18.3.3" + }, + { + "version_affected": "=", + "version_value": "17.2.7" + }, + { + "version_affected": "=", + "version_value": "17.2.4" + }, + { + "version_affected": "=", + "version_value": "18.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vdaemon-bo-RuzzEA2", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vdaemon-bo-RuzzEA2" + } + ] + }, + "source": { + "advisory": "cisco-sa-sdwan-vdaemon-bo-RuzzEA2", + "discovery": "INTERNAL", + "defects": [ + "CSCvt11526" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/RL:X/RC:X/E:X", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" } ] } diff --git a/2024/11xxx/CVE-2024-11248.json b/2024/11xxx/CVE-2024-11248.json index 65e71d4241e..1bbaaa4d818 100644 --- a/2024/11xxx/CVE-2024-11248.json +++ b/2024/11xxx/CVE-2024-11248.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11248", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in Tenda AC10 16.03.10.13 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion formSetRebootTimer der Datei /goform/SetSysAutoRebbotCfg. Durch Manipulation des Arguments rebootTime mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tenda", + "product": { + "product_data": [ + { + "product_name": "AC10", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "16.03.10.13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.284684", + "refsource": "MISC", + "name": "https://vuldb.com/?id.284684" + }, + { + "url": "https://vuldb.com/?ctiid.284684", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.284684" + }, + { + "url": "https://vuldb.com/?submit.443204", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.443204" + }, + { + "url": "https://tasty-foxtrot-3a8.notion.site/Tenda-AC10v4-formSetRebootTimer-stack-overflow-13d0448e619580bf8ab1df7cfb6c018b", + "refsource": "MISC", + "name": "https://tasty-foxtrot-3a8.notion.site/Tenda-AC10v4-formSetRebootTimer-stack-overflow-13d0448e619580bf8ab1df7cfb6c018b" + }, + { + "url": "https://www.tenda.com.cn/", + "refsource": "MISC", + "name": "https://www.tenda.com.cn/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "hand_king (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 8.8, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 9, + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C" } ] } diff --git a/2024/11xxx/CVE-2024-11250.json b/2024/11xxx/CVE-2024-11250.json index d8cba6b24e4..d1b64544dc8 100644 --- a/2024/11xxx/CVE-2024-11250.json +++ b/2024/11xxx/CVE-2024-11250.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11250", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in code-projects Inventory Management up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /model/editProduct.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In code-projects Inventory Management bis 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /model/editProduct.php. Mittels Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Inventory Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.284686", + "refsource": "MISC", + "name": "https://vuldb.com/?id.284686" + }, + { + "url": "https://vuldb.com/?ctiid.284686", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.284686" + }, + { + "url": "https://vuldb.com/?submit.443272", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.443272" + }, + { + "url": "https://github.com/sh3rl0ckpggp/0day/blob/main/inventory-management_authenticated_sqli.md", + "refsource": "MISC", + "name": "https://github.com/sh3rl0ckpggp/0day/blob/main/inventory-management_authenticated_sqli.md" + }, + { + "url": "https://code-projects.org/", + "refsource": "MISC", + "name": "https://code-projects.org/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "sh3rl0ckpgp (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/11xxx/CVE-2024-11264.json b/2024/11xxx/CVE-2024-11264.json new file mode 100644 index 00000000000..0c2d9bd9d5c --- /dev/null +++ b/2024/11xxx/CVE-2024-11264.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11264", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11265.json b/2024/11xxx/CVE-2024-11265.json new file mode 100644 index 00000000000..b6e3c6308d8 --- /dev/null +++ b/2024/11xxx/CVE-2024-11265.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11265", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11266.json b/2024/11xxx/CVE-2024-11266.json new file mode 100644 index 00000000000..4705e555f03 --- /dev/null +++ b/2024/11xxx/CVE-2024-11266.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11266", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11267.json b/2024/11xxx/CVE-2024-11267.json new file mode 100644 index 00000000000..669d5db2f5e --- /dev/null +++ b/2024/11xxx/CVE-2024-11267.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11267", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11268.json b/2024/11xxx/CVE-2024-11268.json new file mode 100644 index 00000000000..5fe3a540452 --- /dev/null +++ b/2024/11xxx/CVE-2024-11268.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11268", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/46xxx/CVE-2024-46383.json b/2024/46xxx/CVE-2024-46383.json index 70f344ab01e..42ae59a7ce2 100644 --- a/2024/46xxx/CVE-2024-46383.json +++ b/2024/46xxx/CVE-2024-46383.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46383", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46383", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://skyworth.com", + "refsource": "MISC", + "name": "http://skyworth.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "url": "https://github.com/nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383" } ] } diff --git a/2024/46xxx/CVE-2024-46462.json b/2024/46xxx/CVE-2024-46462.json index 4866322b108..f38fcbe0d6d 100644 --- a/2024/46xxx/CVE-2024-46462.json +++ b/2024/46xxx/CVE-2024-46462.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46462", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46462", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZEDMAIL has to be modified to prevent this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.primx.eu/en/bulletins/security-bulletin-24931936/", + "url": "https://www.primx.eu/en/bulletins/security-bulletin-24931936/" } ] } diff --git a/2024/46xxx/CVE-2024-46463.json b/2024/46xxx/CVE-2024-46463.json index 3c0862b8efd..1712c00d9fe 100644 --- a/2024/46xxx/CVE-2024-46463.json +++ b/2024/46xxx/CVE-2024-46463.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46463", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46463", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ORIZON has to be modified to prevent this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.primx.eu/en/bulletins/security-bulletin-24932297/", + "url": "https://www.primx.eu/en/bulletins/security-bulletin-24932297/" } ] } diff --git a/2024/46xxx/CVE-2024-46465.json b/2024/46xxx/CVE-2024-46465.json index 78d412f175d..98f97441c98 100644 --- a/2024/46xxx/CVE-2024-46465.json +++ b/2024/46xxx/CVE-2024-46465.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46465", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46465", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of CRYHOD has to be modified to prevent this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.primx.eu/en/bulletins/security-bulletin-24932296/", + "url": "https://www.primx.eu/en/bulletins/security-bulletin-24932296/" } ] } diff --git a/2024/46xxx/CVE-2024-46466.json b/2024/46xxx/CVE-2024-46466.json index 9779f5affa3..e79aca8bd07 100644 --- a/2024/46xxx/CVE-2024-46466.json +++ b/2024/46xxx/CVE-2024-46466.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46466", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46466", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI qualification submission) can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONECENTRAL has to be modified to prevent this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.primx.eu/en/bulletins/security-bulletin-24931934/", + "url": "https://www.primx.eu/en/bulletins/security-bulletin-24931934/" } ] } diff --git a/2024/46xxx/CVE-2024-46467.json b/2024/46xxx/CVE-2024-46467.json index b8a27053754..5e4487f0021 100644 --- a/2024/46xxx/CVE-2024-46467.json +++ b/2024/46xxx/CVE-2024-46467.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46467", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46467", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONEPOINT has to be modified to prevent this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.primx.eu/en/bulletins/security-bulletin-24932299/", + "url": "https://www.primx.eu/en/bulletins/security-bulletin-24932299/" } ] } diff --git a/2024/47xxx/CVE-2024-47759.json b/2024/47xxx/CVE-2024-47759.json index fc4ef5ff4c4..4921880c184 100644 --- a/2024/47xxx/CVE-2024-47759.json +++ b/2024/47xxx/CVE-2024-47759.json @@ -1,18 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-47759", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "glpi-project", + "product": { + "product_data": [ + { + "product_name": "glpi", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 9.2.0, < 10.0.17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-474f-9vpp-xxq5", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-474f-9vpp-xxq5" + } + ] + }, + "source": { + "advisory": "GHSA-474f-9vpp-xxq5", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52507.json b/2024/52xxx/CVE-2024-52507.json index 95ca38b4ec0..5a74e24efef 100644 --- a/2024/52xxx/CVE-2024-52507.json +++ b/2024/52xxx/CVE-2024-52507.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52507", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639: Authorization Bypass Through User-Controlled Key", + "cweId": "CWE-639" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.3.0, < 0.8.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rgvc-xr2w-qq45", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rgvc-xr2w-qq45" + }, + { + "url": "https://github.com/nextcloud/tables/pull/1406", + "refsource": "MISC", + "name": "https://github.com/nextcloud/tables/pull/1406" + }, + { + "url": "https://github.com/nextcloud/tables/commit/13ca45f1b9f70f694aea81b78bc7416ec840c332", + "refsource": "MISC", + "name": "https://github.com/nextcloud/tables/commit/13ca45f1b9f70f694aea81b78bc7416ec840c332" + }, + { + "url": "https://hackerone.com/reports/2705507", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2705507" + } + ] + }, + "source": { + "advisory": "GHSA-rgvc-xr2w-qq45", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52508.json b/2024/52xxx/CVE-2024-52508.json index 5c585089dc6..a9ca5cfa284 100644 --- a/2024/52xxx/CVE-2024-52508.json +++ b/2024/52xxx/CVE-2024-52508.json @@ -1,17 +1,116 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like user@example.tld that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended that the Nextcloud Mail app is upgraded to 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 or 4.0.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.9.0, < 1.14.6" + }, + { + "version_affected": "=", + "version_value": ">= 2.1.0, < 2.2.11" + }, + { + "version_affected": "=", + "version_value": ">= 3.1.0, < 3.6.3" + }, + { + "version_affected": "=", + "version_value": ">= 1.15.0, < 1.15.4" + }, + { + "version_affected": "=", + "version_value": ">= 3.7.0, < 3.7.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vmhx-hwph-q6mc", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vmhx-hwph-q6mc" + }, + { + "url": "https://github.com/nextcloud/mail/pull/9964", + "refsource": "MISC", + "name": "https://github.com/nextcloud/mail/pull/9964" + }, + { + "url": "https://github.com/nextcloud/mail/commit/a84c70e15d814dab6f0e8eda71bbaaf48152079b", + "refsource": "MISC", + "name": "https://github.com/nextcloud/mail/commit/a84c70e15d814dab6f0e8eda71bbaaf48152079b" + }, + { + "url": "https://hackerone.com/reports/2508422", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2508422" + } + ] + }, + "source": { + "advisory": "GHSA-vmhx-hwph-q6mc", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52509.json b/2024/52xxx/CVE-2024-52509.json index 152f43b2e59..8f5de93d47b 100644 --- a/2024/52xxx/CVE-2024-52509.json +++ b/2024/52xxx/CVE-2024-52509.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52509", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">=2.2.0, < 2.2.10" + }, + { + "version_affected": "=", + "version_value": ">= 3.6.0, < 3.6.2" + }, + { + "version_affected": "=", + "version_value": ">= 3.7.0, < 3.7.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pwpp-fvcr-w862", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pwpp-fvcr-w862" + }, + { + "url": "https://github.com/nextcloud/mail/pull/9592", + "refsource": "MISC", + "name": "https://github.com/nextcloud/mail/pull/9592" + }, + { + "url": "https://github.com/nextcloud/mail/commit/8d44f1ce44684022aa4e62a3e0462fdadcde6c8b", + "refsource": "MISC", + "name": "https://github.com/nextcloud/mail/commit/8d44f1ce44684022aa4e62a3e0462fdadcde6c8b" + }, + { + "url": "https://hackerone.com/reports/1878255", + "refsource": "MISC", + "name": "https://hackerone.com/reports/1878255" + } + ] + }, + "source": { + "advisory": "GHSA-pwpp-fvcr-w862", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52510.json b/2024/52xxx/CVE-2024-52510.json index b95fab20339..33f7062b898 100644 --- a/2024/52xxx/CVE-2024-52510.json +++ b/2024/52xxx/CVE-2024-52510.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52510", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-295: Improper Certificate Validation", + "cweId": "CWE-295" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.0.0, < 3.14.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v" + }, + { + "url": "https://github.com/nextcloud/desktop/pull/7333", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/pull/7333" + }, + { + "url": "https://github.com/nextcloud/desktop/commit/97539218e6f63c3a3fd1694cb7d8aef27c5910d7", + "refsource": "MISC", + "name": "https://github.com/nextcloud/desktop/commit/97539218e6f63c3a3fd1694cb7d8aef27c5910d7" + }, + { + "url": "https://hackerone.com/reports/2597504", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2597504" + } + ] + }, + "source": { + "advisory": "GHSA-r4qc-m9mj-452v", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52511.json b/2024/52xxx/CVE-2024-52511.json index 4bccb1e0945..e7b318e4a6b 100644 --- a/2024/52xxx/CVE-2024-52511.json +++ b/2024/52xxx/CVE-2024-52511.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52511", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639: Authorization Bypass Through User-Controlled Key", + "cweId": "CWE-639" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.6.0, < 0.8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4qqp-9h2g-7qg7", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4qqp-9h2g-7qg7" + }, + { + "url": "https://github.com/nextcloud/tables/pull/1351", + "refsource": "MISC", + "name": "https://github.com/nextcloud/tables/pull/1351" + }, + { + "url": "https://github.com/nextcloud/tables/commit/52846ad81fe192ee977f14c82a229b0d9cdc406c", + "refsource": "MISC", + "name": "https://github.com/nextcloud/tables/commit/52846ad81fe192ee977f14c82a229b0d9cdc406c" + }, + { + "url": "https://hackerone.com/reports/2671404", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2671404" + } + ] + }, + "source": { + "advisory": "GHSA-4qqp-9h2g-7qg7", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52512.json b/2024/52xxx/CVE-2024-52512.json index 8dde54c6aeb..e5136a82184 100644 --- a/2024/52xxx/CVE-2024-52512.json +++ b/2024/52xxx/CVE-2024-52512.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52512", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "cweId": "CWE-601" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 6.0.0, < 6.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-784j-x2g5-4g7q", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-784j-x2g5-4g7q" + }, + { + "url": "https://github.com/nextcloud/user_oidc/pull/961", + "refsource": "MISC", + "name": "https://github.com/nextcloud/user_oidc/pull/961" + }, + { + "url": "https://github.com/nextcloud/user_oidc/commit/c923428d51972f6d04636c6accbecdec0c1b88e9", + "refsource": "MISC", + "name": "https://github.com/nextcloud/user_oidc/commit/c923428d51972f6d04636c6accbecdec0c1b88e9" + }, + { + "url": "https://hackerone.com/reports/2720030", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2720030" + } + ] + }, + "source": { + "advisory": "GHSA-784j-x2g5-4g7q", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52513.json b/2024/52xxx/CVE-2024-52513.json index dacc21ae2ee..bb2a7297381 100644 --- a/2024/52xxx/CVE-2024-52513.json +++ b/2024/52xxx/CVE-2024-52513.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52513", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Server is a self hosted personal cloud system. After receiving a \"Files drop\" or \"Password protected\" share link a malicious user was able to download attachments that are referenced in Text files without providing the password. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30.0.1 and Nextcloud Enterprise Server is upgraded to 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 or 30.0.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 28.0.0, < 28.0.11" + }, + { + "version_affected": "=", + "version_value": ">= 29.0.0, < 29.0.8" + }, + { + "version_affected": "=", + "version_value": ">= 30.0.0, < 30.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gxph-5m4j-pfmj", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gxph-5m4j-pfmj" + }, + { + "url": "https://github.com/nextcloud/text/pull/6485", + "refsource": "MISC", + "name": "https://github.com/nextcloud/text/pull/6485" + }, + { + "url": "https://github.com/nextcloud/text/commit/ca24b25c93b81626b4e457c260243edeab5f1548", + "refsource": "MISC", + "name": "https://github.com/nextcloud/text/commit/ca24b25c93b81626b4e457c260243edeab5f1548" + }, + { + "url": "https://hackerone.com/reports/2376900", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2376900" + } + ] + }, + "source": { + "advisory": "GHSA-gxph-5m4j-pfmj", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 2.6, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52514.json b/2024/52xxx/CVE-2024-52514.json index b7872f48578..34eb0e4a10b 100644 --- a/2024/52xxx/CVE-2024-52514.json +++ b/2024/52xxx/CVE-2024-52514.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52514", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Server is a self hosted personal cloud system. After a user received a share with some files inside being blocked by the files access control, the user would still be able to copy the intermediate folder inside Nextcloud allowing them to afterwards potentially access the blocked files depending on the user access control rules. It is recommended that the Nextcloud Server is upgraded to 27.1.9, 28.0.5 or 29.0.0 and Nextcloud Enterprise Server is upgraded to 21.0.9.18, 22.2.10.23, 23.0.12.18, 24.0.12.14, 25.0.13.9, 26.0.13.3, 27.1.9, 28.0.5 or 29.0.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 28.0.0, < 28.0.5" + }, + { + "version_affected": "=", + "version_value": ">= 27.0.0, < 27.1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g8pr-g25r-58xj", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g8pr-g25r-58xj" + }, + { + "url": "https://github.com/nextcloud/server/pull/44889", + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/pull/44889" + }, + { + "url": "https://github.com/nextcloud/server/commit/5fffbcfe8650eab75b00e8d188fbc95b0e43f3a8", + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/commit/5fffbcfe8650eab75b00e8d188fbc95b0e43f3a8" + }, + { + "url": "https://hackerone.com/reports/2447316", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2447316" + } + ] + }, + "source": { + "advisory": "GHSA-g8pr-g25r-58xj", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52515.json b/2024/52xxx/CVE-2024-52515.json index ef91b3d2480..972f8234997 100644 --- a/2024/52xxx/CVE-2024-52515.json +++ b/2024/52xxx/CVE-2024-52515.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52515", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended that the Nextcloud Server is upgraded to 27.1.10, 28.0.6 or 29.0.1 and Nextcloud Enterprise Server is upgraded to 24.0.12.15, 25.0.13.10, 26.0.13.4, 27.1.10, 28.0.6 or 29.0.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-706: Use of Incorrectly-Resolved Name or Reference", + "cweId": "CWE-706" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nextcloud", + "product": { + "product_data": [ + { + "product_name": "security-advisories", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 29.0.0, < 29.0.1" + }, + { + "version_affected": "=", + "version_value": ">= 28.0.0, < 28.0.6" + }, + { + "version_affected": "=", + "version_value": ">= 27.0.0, < 27.1.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5m5g-hw8c-2236", + "refsource": "MISC", + "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5m5g-hw8c-2236" + }, + { + "url": "https://github.com/nextcloud/server/pull/45340", + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/pull/45340" + }, + { + "url": "https://github.com/nextcloud/server/commit/7e1c30f82a63fbea8c269e0eec38291377f32604", + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/commit/7e1c30f82a63fbea8c269e0eec38291377f32604" + }, + { + "url": "https://hackerone.com/reports/2484499", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2484499" + } + ] + }, + "source": { + "advisory": "GHSA-5m5g-hw8c-2236", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/52xxx/CVE-2024-52522.json b/2024/52xxx/CVE-2024-52522.json index 593255ce466..7dca7b90125 100644 --- a/2024/52xxx/CVE-2024-52522.json +++ b/2024/52xxx/CVE-2024-52522.json @@ -1,18 +1,91 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-52522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-61: UNIX Symbolic Link (Symlink) Following", + "cweId": "CWE-61" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-281: Improper Preservation of Permissions", + "cweId": "CWE-281" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "rclone", + "product": { + "product_data": [ + { + "product_name": "rclone", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.59.0, < 1.68.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv", + "refsource": "MISC", + "name": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv" + }, + { + "url": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0", + "refsource": "MISC", + "name": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0" + } + ] + }, + "source": { + "advisory": "GHSA-hrxh-9w67-g4cv", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52791.json b/2024/52xxx/CVE-2024-52791.json new file mode 100644 index 00000000000..cae56dfb540 --- /dev/null +++ b/2024/52xxx/CVE-2024-52791.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52791", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52792.json b/2024/52xxx/CVE-2024-52792.json new file mode 100644 index 00000000000..8a928187f4f --- /dev/null +++ b/2024/52xxx/CVE-2024-52792.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52792", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52793.json b/2024/52xxx/CVE-2024-52793.json new file mode 100644 index 00000000000..d8aea9f2eec --- /dev/null +++ b/2024/52xxx/CVE-2024-52793.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52793", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52794.json b/2024/52xxx/CVE-2024-52794.json new file mode 100644 index 00000000000..83ed3532a29 --- /dev/null +++ b/2024/52xxx/CVE-2024-52794.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52794", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52795.json b/2024/52xxx/CVE-2024-52795.json new file mode 100644 index 00000000000..21b922eba88 --- /dev/null +++ b/2024/52xxx/CVE-2024-52795.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52796.json b/2024/52xxx/CVE-2024-52796.json new file mode 100644 index 00000000000..80e78c783f2 --- /dev/null +++ b/2024/52xxx/CVE-2024-52796.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52796", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52797.json b/2024/52xxx/CVE-2024-52797.json new file mode 100644 index 00000000000..163f0d05a57 --- /dev/null +++ b/2024/52xxx/CVE-2024-52797.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52797", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52798.json b/2024/52xxx/CVE-2024-52798.json new file mode 100644 index 00000000000..f469b9f5164 --- /dev/null +++ b/2024/52xxx/CVE-2024-52798.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52798", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52799.json b/2024/52xxx/CVE-2024-52799.json new file mode 100644 index 00000000000..1abf75d05d9 --- /dev/null +++ b/2024/52xxx/CVE-2024-52799.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52799", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52800.json b/2024/52xxx/CVE-2024-52800.json new file mode 100644 index 00000000000..6a41ef06a1f --- /dev/null +++ b/2024/52xxx/CVE-2024-52800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52801.json b/2024/52xxx/CVE-2024-52801.json new file mode 100644 index 00000000000..c721e1f1450 --- /dev/null +++ b/2024/52xxx/CVE-2024-52801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52802.json b/2024/52xxx/CVE-2024-52802.json new file mode 100644 index 00000000000..3d4ad532cca --- /dev/null +++ b/2024/52xxx/CVE-2024-52802.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52802", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52803.json b/2024/52xxx/CVE-2024-52803.json new file mode 100644 index 00000000000..f50e4ed7809 --- /dev/null +++ b/2024/52xxx/CVE-2024-52803.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52803", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52804.json b/2024/52xxx/CVE-2024-52804.json new file mode 100644 index 00000000000..24ad0761535 --- /dev/null +++ b/2024/52xxx/CVE-2024-52804.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52804", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52805.json b/2024/52xxx/CVE-2024-52805.json new file mode 100644 index 00000000000..4ade9bf2c0d --- /dev/null +++ b/2024/52xxx/CVE-2024-52805.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52805", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52806.json b/2024/52xxx/CVE-2024-52806.json new file mode 100644 index 00000000000..9293c8f8c42 --- /dev/null +++ b/2024/52xxx/CVE-2024-52806.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52807.json b/2024/52xxx/CVE-2024-52807.json new file mode 100644 index 00000000000..c0713bd365d --- /dev/null +++ b/2024/52xxx/CVE-2024-52807.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52808.json b/2024/52xxx/CVE-2024-52808.json new file mode 100644 index 00000000000..fdccd7dca5a --- /dev/null +++ b/2024/52xxx/CVE-2024-52808.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52808", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52809.json b/2024/52xxx/CVE-2024-52809.json new file mode 100644 index 00000000000..f36928237e7 --- /dev/null +++ b/2024/52xxx/CVE-2024-52809.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52810.json b/2024/52xxx/CVE-2024-52810.json new file mode 100644 index 00000000000..bc946be0a22 --- /dev/null +++ b/2024/52xxx/CVE-2024-52810.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52810", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52811.json b/2024/52xxx/CVE-2024-52811.json new file mode 100644 index 00000000000..643b37adbd7 --- /dev/null +++ b/2024/52xxx/CVE-2024-52811.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52811", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52812.json b/2024/52xxx/CVE-2024-52812.json new file mode 100644 index 00000000000..0376db6a186 --- /dev/null +++ b/2024/52xxx/CVE-2024-52812.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52812", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52813.json b/2024/52xxx/CVE-2024-52813.json new file mode 100644 index 00000000000..06f459dce89 --- /dev/null +++ b/2024/52xxx/CVE-2024-52813.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52813", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52814.json b/2024/52xxx/CVE-2024-52814.json new file mode 100644 index 00000000000..23eddc85936 --- /dev/null +++ b/2024/52xxx/CVE-2024-52814.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52814", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/52xxx/CVE-2024-52815.json b/2024/52xxx/CVE-2024-52815.json new file mode 100644 index 00000000000..1ed06e0b774 --- /dev/null +++ b/2024/52xxx/CVE-2024-52815.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-52815", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file