From 1fa0c309d9c7338673f6e5498c4c719e05c6dce4 Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Tue, 2 Apr 2024 12:04:02 +0000
Subject: [PATCH] "-Synchronized-Data."
---
 2023/4xxx/CVE-2023-4459.json | 19 +++++++
 2023/52xxx/CVE-2023-52608.json | 2 +-
 2023/6xxx/CVE-2023-6546.json | 19 +++++++
 2024/0xxx/CVE-2024-0258.json | 10 ----
 2024/1xxx/CVE-2024-1979.json | 6 +++
 2024/23xxx/CVE-2024-23225.json | 30 -----------
 2024/23xxx/CVE-2024-23252.json | 5 --
 2024/23xxx/CVE-2024-23254.json | 20 -------
 2024/23xxx/CVE-2024-23263.json | 20 -------
 2024/23xxx/CVE-2024-23273.json | 5 --
 2024/23xxx/CVE-2024-23280.json | 15 ------
 2024/23xxx/CVE-2024-23284.json | 15 ------
 2024/23xxx/CVE-2024-23296.json | 20 -------
 2024/26xxx/CVE-2024-26629.json | 2 +-
 2024/28xxx/CVE-2024-28121.json | 5 ++
 2024/2xxx/CVE-2024-2182.json | 2 +-
 2024/2xxx/CVE-2024-2247.json | 2 +-
 2024/2xxx/CVE-2024-2418.json | 95 ++--------------------------------
 18 files changed, 57 insertions(+), 235 deletions(-)
diff --git a/2023/4xxx/CVE-2023-4459.json b/2023/4xxx/CVE-2023-4459.json
index 3c32bd7732f..878fe1755ce 100644
--- a/2023/4xxx/CVE-2023-4459.json
+++ b/2023/4xxx/CVE-2023-4459.json
@@ -98,6 +98,20 @@
 ],
 "defaultStatus": "affected"
 }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
 }
 ]
 }
@@ -225,6 +239,11 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1250"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1306",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1306"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-4459",
 "refsource": "MISC",
diff --git a/2023/52xxx/CVE-2023-52608.json b/2023/52xxx/CVE-2023-52608.json
index d5e311455e2..30ed781ffb8 100644
--- a/2023/52xxx/CVE-2023-52608.json
+++ b/2023/52xxx/CVE-2023-52608.json
@@ -82,7 +82,7 @@
 "versionType": "custom"
 },
 {
- "version": "6.8",
+ "version": "6.8-rc2",
 "lessThanOrEqual": "*",
 "status": "unaffected",
 "versionType": "original_commit_for_fix"
diff --git a/2023/6xxx/CVE-2023-6546.json b/2023/6xxx/CVE-2023-6546.json
index a3ffff67b81..be298a0f672 100644
--- a/2023/6xxx/CVE-2023-6546.json
+++ b/2023/6xxx/CVE-2023-6546.json
@@ -105,6 +105,20 @@
 "defaultStatus": "affected"
 }
 },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
 {
 "version_value": "not down converted",
 "x_cve_json_5_version_data": {
@@ -303,6 +317,11 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1253"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1306",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1306"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-6546",
 "refsource": "MISC",
diff --git a/2024/0xxx/CVE-2024-0258.json b/2024/0xxx/CVE-2024-0258.json
index cd30be6044d..2f543411d04 100644
--- a/2024/0xxx/CVE-2024-0258.json
+++ b/2024/0xxx/CVE-2024-0258.json
@@ -114,16 +114,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
 }
 ]
 }
diff --git a/2024/1xxx/CVE-2024-1979.json b/2024/1xxx/CVE-2024-1979.json
index 5296f5c4957..1bb61e4ce64 100644
--- a/2024/1xxx/CVE-2024-1979.json
+++ b/2024/1xxx/CVE-2024-1979.json
@@ -69,6 +69,12 @@
 "x_cve_json_5_version_data": {
 "defaultStatus": "affected"
 }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "defaultStatus": "unknown"
+ }
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23225.json b/2024/23xxx/CVE-2024-23225.json
index fa76433003a..f5688f12ebd 100644
--- a/2024/23xxx/CVE-2024-23225.json
+++ b/2024/23xxx/CVE-2024-23225.json
@@ -103,36 +103,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/18",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/18"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/22",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/22"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/23",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/23"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/26",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/26"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23252.json b/2024/23xxx/CVE-2024-23252.json
index bfef2215a2b..7775b0d2e9f 100644
--- a/2024/23xxx/CVE-2024-23252.json
+++ b/2024/23xxx/CVE-2024-23252.json
@@ -97,11 +97,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/20",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/20"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23254.json b/2024/23xxx/CVE-2024-23254.json
index 3927afc5005..53d520cfe38 100644
--- a/2024/23xxx/CVE-2024-23254.json
+++ b/2024/23xxx/CVE-2024-23254.json
@@ -148,26 +148,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/20",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/20"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/26",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/26"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23263.json b/2024/23xxx/CVE-2024-23263.json
index dba5e9e7f28..2257eb2a659 100644
--- a/2024/23xxx/CVE-2024-23263.json
+++ b/2024/23xxx/CVE-2024-23263.json
@@ -153,26 +153,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/20",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/20"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/26",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/26"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23273.json b/2024/23xxx/CVE-2024-23273.json
index 9f2cbb4f674..04d570005ae 100644
--- a/2024/23xxx/CVE-2024-23273.json
+++ b/2024/23xxx/CVE-2024-23273.json
@@ -97,11 +97,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/20",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/20"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23280.json b/2024/23xxx/CVE-2024-23280.json
index 3c7d301fffa..2f071d6dedd 100644
--- a/2024/23xxx/CVE-2024-23280.json
+++ b/2024/23xxx/CVE-2024-23280.json
@@ -131,21 +131,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/20",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/20"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23284.json b/2024/23xxx/CVE-2024-23284.json
index 58e72c5936e..331fdd50728 100644
--- a/2024/23xxx/CVE-2024-23284.json
+++ b/2024/23xxx/CVE-2024-23284.json
@@ -158,21 +158,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/26",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/26"
 }
 ]
 }
diff --git a/2024/23xxx/CVE-2024-23296.json b/2024/23xxx/CVE-2024-23296.json
index d8672adb467..0648502a915 100644
--- a/2024/23xxx/CVE-2024-23296.json
+++ b/2024/23xxx/CVE-2024-23296.json
@@ -83,26 +83,6 @@
 "url": "http://seclists.org/fulldisclosure/2024/Mar/18",
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2024/Mar/18"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/21"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/25",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/25"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/24",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/24"
- },
- {
- "url": "http://seclists.org/fulldisclosure/2024/Mar/26",
- "refsource": "MISC",
- "name": "http://seclists.org/fulldisclosure/2024/Mar/26"
 }
 ]
 }
diff --git a/2024/26xxx/CVE-2024-26629.json b/2024/26xxx/CVE-2024-26629.json
index fb0f60c0543..fbd9991a0b5 100644
--- a/2024/26xxx/CVE-2024-26629.json
+++ b/2024/26xxx/CVE-2024-26629.json
@@ -76,7 +76,7 @@
 "versionType": "custom"
 },
 {
- "version": "6.8",
+ "version": "6.8-rc2",
 "lessThanOrEqual": "*",
 "status": "unaffected",
 "versionType": "original_commit_for_fix"
diff --git a/2024/28xxx/CVE-2024-28121.json b/2024/28xxx/CVE-2024-28121.json
index 112a2a40c98..b4faf28866c 100644
--- a/2024/28xxx/CVE-2024-28121.json
+++ b/2024/28xxx/CVE-2024-28121.json
@@ -82,6 +82,11 @@
 "url": "https://github.com/stimulusreflex/stimulus_reflex/releases/tag/v3.5.0.rc4",
 "refsource": "MISC",
 "name": "https://github.com/stimulusreflex/stimulus_reflex/releases/tag/v3.5.0.rc4"
+ },
+ {
+ "url": "http://seclists.org/fulldisclosure/2024/Mar/16",
+ "refsource": "MISC",
+ "name": "http://seclists.org/fulldisclosure/2024/Mar/16"
 }
 ]
 },
diff --git a/2024/2xxx/CVE-2024-2182.json b/2024/2xxx/CVE-2024-2182.json
index 0c5781c8ee7..856151b6898 100644
--- a/2024/2xxx/CVE-2024-2182.json
+++ b/2024/2xxx/CVE-2024-2182.json
@@ -175,7 +175,7 @@
 {
 "version_value": "not down converted",
 "x_cve_json_5_version_data": {
- "defaultStatus": "affected"
+ "defaultStatus": "unknown"
 }
 },
 {
diff --git a/2024/2xxx/CVE-2024-2247.json b/2024/2xxx/CVE-2024-2247.json
index bbf9ca4db48..b5ca0571cf9 100644
--- a/2024/2xxx/CVE-2024-2247.json
+++ b/2024/2xxx/CVE-2024-2247.json
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism."
+ "value": "JFrog Artifactory versions below 7.77.7, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism."
 }
 ]
 },
diff --git a/2024/2xxx/CVE-2024-2418.json b/2024/2xxx/CVE-2024-2418.json
index 06cf45dc2a8..98838885ee1 100644
--- a/2024/2xxx/CVE-2024-2418.json
+++ b/2024/2xxx/CVE-2024-2418.json
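Review bot: The rewritten description in the `@@ -11,7 +11,7 @@` hunk of CVE-2024-2247.json keeps the comma that used to separate the two version numbers, so the new text reads `versions below 7.77.7, are vulnerable`; the intended wording is presumably `versions below 7.77.7 are vulnerable`. Dropping `7.82.1` also changes what the prose says about the fixed releases. The structured version entries for this record are outside the hunk, so confirm they state the same boundary, since scanners match on the version data rather than on the description.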
@@ -1,104 +1,17 @@
 {
- "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
+ "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-2418",
- "ASSIGNER": "cna@vuldb.com",
- "STATE": "PUBLIC"
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view_order.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256705 was assigned to this vulnerability."
- },
- {
- "lang": "deu",
- "value": "In SourceCodester Best POS Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /view_order.php. Durch das Beeinflussen des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
- }
- ]
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-89 SQL Injection",
- "cweId": "CWE-89"
- }
- ]
- }
- ]
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "SourceCodester",
- "product": {
- "product_data": [
- {
- "product_name": "Best POS Management System",
- "version": {
- "version_data": [
- {
- "version_affected": "=",
- "version_value": "1.0"
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "references": {
- "reference_data": [
- {
- "url": "https://vuldb.com/?id.256705",
- "refsource": "MISC",
- "name": "https://vuldb.com/?id.256705"
- },
- {
- "url": "https://vuldb.com/?ctiid.256705",
- "refsource": "MISC",
- "name": "https://vuldb.com/?ctiid.256705"
- },
- {
- "url": "https://github.com/ycxdzj/CVE_Hunter/blob/main/SQLi-6.md",
- "refsource": "MISC",
- "name": "https://github.com/ycxdzj/CVE_Hunter/blob/main/SQLi-6.md"
- }
- ]
- },
- "credits": [
- {
- "lang": "en",
- "value": "hjhctzz (VulDB User)"
- }
- ],
- "impact": {
- "cvss": [
- {
- "version": "3.1",
- "baseScore": 6.3,
- "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
- "baseSeverity": "MEDIUM"
- },
- {
- "version": "3.0",
- "baseScore": 6.3,
- "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
- "baseSeverity": "MEDIUM"
- },
- {
- "version": "2.0",
- "baseScore": 6.5,
- "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
 }
 ]
 }
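Review bot: Nothing in CVE-2024-2418.json or in the commit message records why this record goes from `"STATE": "PUBLIC"` back to `"STATE": "RESERVED"`. The new body is the stock reservation text, so the CWE-89 classification, the affected product, the three references and the CVSS entries are all removed. Downstream feeds that already ingested the published record will now see an ID that looks as if it had never been disclosed. If the ID was withdrawn rather than re-reserved, a description opening with `** REJECT **` and giving the reason would make that explicit; if the rollback is intentional, a commit subject more specific than `"-Synchronized-Data."` would help. The `ASSIGNER` also changes from `cna@vuldb.com` to `cve@mitre.org`, so consumers keyed on the assigning CNA should expect this record to move.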