From 22cbd16f3461deed8936518caa6835616c4ee23c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 3 Jan 2025 15:00:55 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13129.json | 18 ++++++++ 2024/41xxx/CVE-2024-41780.json | 78 ++++++++++++++++++++++++++++++++-- 2024/48xxx/CVE-2024-48814.json | 66 +++++++++++++++++++++++++--- 2024/55xxx/CVE-2024-55078.json | 61 +++++++++++++++++++++++--- 2024/5xxx/CVE-2024-5591.json | 78 ++++++++++++++++++++++++++++++++-- 2025/22xxx/CVE-2025-22366.json | 18 ++++++++ 2025/22xxx/CVE-2025-22367.json | 18 ++++++++ 2025/22xxx/CVE-2025-22368.json | 18 ++++++++ 2025/22xxx/CVE-2025-22369.json | 18 ++++++++ 2025/22xxx/CVE-2025-22370.json | 18 ++++++++ 2025/22xxx/CVE-2025-22371.json | 18 ++++++++ 2025/22xxx/CVE-2025-22372.json | 18 ++++++++ 2025/22xxx/CVE-2025-22373.json | 18 ++++++++ 2025/22xxx/CVE-2025-22374.json | 18 ++++++++ 2025/22xxx/CVE-2025-22375.json | 18 ++++++++ 15 files changed, 461 insertions(+), 20 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13129.json create mode 100644 2025/22xxx/CVE-2025-22366.json create mode 100644 2025/22xxx/CVE-2025-22367.json create mode 100644 2025/22xxx/CVE-2025-22368.json create mode 100644 2025/22xxx/CVE-2025-22369.json create mode 100644 2025/22xxx/CVE-2025-22370.json create mode 100644 2025/22xxx/CVE-2025-22371.json create mode 100644 2025/22xxx/CVE-2025-22372.json create mode 100644 2025/22xxx/CVE-2025-22373.json create mode 100644 2025/22xxx/CVE-2025-22374.json create mode 100644 2025/22xxx/CVE-2025-22375.json diff --git a/2024/13xxx/CVE-2024-13129.json b/2024/13xxx/CVE-2024-13129.json new file mode 100644 index 00000000000..c10fc88ef4f --- /dev/null +++ b/2024/13xxx/CVE-2024-13129.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13129", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/41xxx/CVE-2024-41780.json b/2024/41xxx/CVE-2024-41780.json index a9bb9f370d4..efed3ac9113 100644 --- a/2024/41xxx/CVE-2024-41780.json +++ b/2024/41xxx/CVE-2024-41780.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41780", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could \n\ncould allow a physical user to obtain sensitive information due to not masking passwords during entry." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-359 Exposure of Private Information ('Privacy Violation')", + "cweId": "CWE-359" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Jazz Foundation", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.0.2, 7.0.3, 7.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7180119", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7180119" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "PHYSICAL", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/48xxx/CVE-2024-48814.json b/2024/48xxx/CVE-2024-48814.json index 574630864fa..911eda1f335 100644 --- a/2024/48xxx/CVE-2024-48814.json +++ b/2024/48xxx/CVE-2024-48814.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-48814", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-48814", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Silverpeas/Silverpeas-Core/pull/1353", + "refsource": "MISC", + "name": "https://github.com/Silverpeas/Silverpeas-Core/pull/1353" + }, + { + "url": "https://github.com/Silverpeas/Silverpeas-Components/pull/859", + "refsource": "MISC", + "name": "https://github.com/Silverpeas/Silverpeas-Components/pull/859" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/SubZ3r0-0x01/7150f7cbc3b7d810adb221cae3d08fc8", + "url": "https://gist.github.com/SubZ3r0-0x01/7150f7cbc3b7d810adb221cae3d08fc8" } ] } diff --git a/2024/55xxx/CVE-2024-55078.json b/2024/55xxx/CVE-2024-55078.json index a8f4571d9e5..ea2cd075f16 100644 --- a/2024/55xxx/CVE-2024-55078.json +++ b/2024/55xxx/CVE-2024-55078.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-55078", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-55078", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0-JAVA v11.3.3 allows attackers to execute arbitrary code via uploading a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/summerxxoo/VulnPoc/blob/main/WukongCRM-11.0-JAVA%20-File%20upload%20across%20directories.md", + "refsource": "MISC", + "name": "https://github.com/summerxxoo/VulnPoc/blob/main/WukongCRM-11.0-JAVA%20-File%20upload%20across%20directories.md" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/summerxxoo/8a0c9905feda6e192c10b860888afd26", + "url": "https://gist.github.com/summerxxoo/8a0c9905feda6e192c10b860888afd26" } ] } diff --git a/2024/5xxx/CVE-2024-5591.json b/2024/5xxx/CVE-2024-5591.json index bf7e84ec767..adad1beb4ae 100644 --- a/2024/5xxx/CVE-2024-5591.json +++ b/2024/5xxx/CVE-2024-5591.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5591", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-209 Generation of Error Message Containing Sensitive Information", + "cweId": "CWE-209" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Jazz Foundation", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.0.2, 7.0.3, 7.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7180120", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7180120" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22366.json b/2025/22xxx/CVE-2025-22366.json new file mode 100644 index 00000000000..f19039a6083 --- /dev/null +++ b/2025/22xxx/CVE-2025-22366.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22366", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22367.json b/2025/22xxx/CVE-2025-22367.json new file mode 100644 index 00000000000..7c18850dd4a --- /dev/null +++ b/2025/22xxx/CVE-2025-22367.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22367", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22368.json b/2025/22xxx/CVE-2025-22368.json new file mode 100644 index 00000000000..71454f1a022 --- /dev/null +++ b/2025/22xxx/CVE-2025-22368.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22368", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22369.json b/2025/22xxx/CVE-2025-22369.json new file mode 100644 index 00000000000..59b44604c81 --- /dev/null +++ b/2025/22xxx/CVE-2025-22369.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22369", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22370.json b/2025/22xxx/CVE-2025-22370.json new file mode 100644 index 00000000000..5c0fd2fdc09 --- /dev/null +++ b/2025/22xxx/CVE-2025-22370.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22370", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22371.json b/2025/22xxx/CVE-2025-22371.json new file mode 100644 index 00000000000..4899eb600b7 --- /dev/null +++ b/2025/22xxx/CVE-2025-22371.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22371", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22372.json b/2025/22xxx/CVE-2025-22372.json new file mode 100644 index 00000000000..aff30240ba8 --- /dev/null +++ b/2025/22xxx/CVE-2025-22372.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22372", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22373.json b/2025/22xxx/CVE-2025-22373.json new file mode 100644 index 00000000000..846d17192da --- /dev/null +++ b/2025/22xxx/CVE-2025-22373.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22373", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22374.json b/2025/22xxx/CVE-2025-22374.json new file mode 100644 index 00000000000..5a7fe1903ba --- /dev/null +++ b/2025/22xxx/CVE-2025-22374.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22374", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22375.json b/2025/22xxx/CVE-2025-22375.json new file mode 100644 index 00000000000..845522f6cab --- /dev/null +++ b/2025/22xxx/CVE-2025-22375.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22375", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file