admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-11-12 18:00:51 +00:00
parent a13e7a7eea
commit 2b5a703d6c
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
26 changed files with 3303 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
2024/49xxx/CVE-2024-49014.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Server Native Client Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-415: Double Free",
"cweId": "CWE-415"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49014",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49014"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

125
2024/49xxx/CVE-2024-49015.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Server Native Client Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49015",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49015"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

125
2024/49xxx/CVE-2024-49016.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49016",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Server Native Client Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49016",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49016"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

125
2024/49xxx/CVE-2024-49017.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49017",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Server Native Client Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49017",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49017"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

125
2024/49xxx/CVE-2024-49018.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Server Native Client Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-197: Numeric Truncation Error",
"cweId": "CWE-197"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49018",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49018"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

257
2024/49xxx/CVE-2024-49019.json
View File

@ -1,17 +1,266 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49019",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Active Directory Certificate Services Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1390: Weak Authentication",
"cweId": "CWE-1390"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.20348.2849"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.25398.1251"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.0",
"version_value": "6.1.7601.27415"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.1.7601.27415"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.25165"
}
]
}
},
{
"product_name": "Windows Server 2012 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.25165"
}
]
}
},
{
"product_name": "Windows Server 2012 R2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.22267"
}
]
}
},
{
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.22267"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49019",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49019"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

149
2024/49xxx/CVE-2024-49021.json
View File

@ -1,17 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49021",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft SQL Server Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2022 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.1135.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2022 for (CU 15)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.4155.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49021",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49021"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

125
2024/49xxx/CVE-2024-49026.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49026",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office Online Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.0.10416.20007"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Excel 2016 Click-to-Run (C2R)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5474.1001"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49026",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49026"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49027.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49027",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Excel 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0.0",
"version_value": "16.0.5474.1001"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49027",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49027"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49028.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49028",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Excel 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0.0",
"version_value": "16.0.5474.1001"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49028",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49028"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49029.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908: Use of Uninitialized Resource",
"cweId": "CWE-908"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Excel 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0.0",
"version_value": "16.0.5474.1001"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49029",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49029"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49030.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49030",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Excel 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0.0",
"version_value": "16.0.5474.1001"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49030",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49030"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49031.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49031",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Office Graphics Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126: Buffer Over-read",
"cweId": "CWE-126"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5474.1000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49031",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49031"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49032.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Office Graphics Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5474.1000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49032",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49032"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

137
2024/49xxx/CVE-2024-49033.json
View File

@ -1,17 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49033",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Word Security Feature Bypass Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.91.24111020"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Word 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.0.5474.1000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49033",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49033"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

257
2024/49xxx/CVE-2024-49039.json
View File

@ -1,17 +1,266 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Windows Task Scheduler Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.20348.2849"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19044.5131"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4460"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19045.5131"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22631.4460"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22631.4460"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.25398.1251"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.10240.20826"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C"
}
]
}

89
2024/49xxx/CVE-2024-49040.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft Exchange Server Spoofing Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"cweId": "CWE-451"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Exchange Server 2019 Cumulative Update 13",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.02.0",
"version_value": "15.02.1258.038"
}
]
}
},
{
"product_name": "Microsoft Exchange Server 2019 Cumulative Update 14",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.02.0",
"version_value": "15.02.1544.013"
}
]
}
},
{
"product_name": "Microsoft Exchange Server 2016 Cumulative Update 23",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.01.0",
"version_value": "15.01.2507.043"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C"
}
]
}

149
2024/49xxx/CVE-2024-49043.json
View File

@ -1,17 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49043",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-426: Untrusted Search Path",
"cweId": "CWE-426"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SQL Server 2017 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.2070.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.2130.3"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.6455.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.0.0",
"version_value": "13.0.7050.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2017 (CU 31)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "14.0.0",
"version_value": "14.0.3485.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2022 (GDR)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.1135.2"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2019 (CU 29)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.0.0",
"version_value": "15.0.4410.1"
}
]
}
},
{
"product_name": "Microsoft SQL Server 2022 for (CU 15)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.4155.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49043",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49043"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

101
2024/49xxx/CVE-2024-49044.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49044",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Visual Studio Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Visual Studio 2022 version 17.6",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.6.0",
"version_value": "17.6.21"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.8.0",
"version_value": "17.8.16"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.10",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.10",
"version_value": "17.10.9"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.11",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.11",
"version_value": "17.11.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49044",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49044"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 6.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C"
}
]
}

365
2024/49xxx/CVE-2024-49046.json
View File

@ -1,17 +1,374 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49046",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.6532"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.20348.2849"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19044.5131"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22621.4460"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19045.5131"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22631.4460"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.22631.4460"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.25398.1251"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.26100.2314"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.10240.20826"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.7515"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.22966"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.0",
"version_value": "6.1.7601.27415"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.1.7601.27415"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.25165"
}
]
}
},
{
"product_name": "Windows Server 2012 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.25165"
}
]
}
},
{
"product_name": "Windows Server 2012 R2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.22267"
}
]
}
},
{
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.22267"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49046",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49046"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2024/49xxx/CVE-2024-49048.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49048",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TorchGeo Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft TorchGeo",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "0.6.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49048",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49048"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2024/49xxx/CVE-2024-49049.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49049",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Visual Studio Code Remote Extension Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Visual Studio Code Remote - SSH Extension",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "0.115.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49049",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49049"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C"
}
]
}

65
2024/49xxx/CVE-2024-49050.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49050",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Visual Studio Code Python Extension Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-501: Trust boundary violation",
"cweId": "CWE-501"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Python extension for Visual Studio Code",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2020",
"version_value": "2024.18.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2024/49xxx/CVE-2024-49051.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49051",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Microsoft PC Manager Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')",
"cweId": "CWE-59"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft PC Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "3.14.10.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49051",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49051"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

64
2024/49xxx/CVE-2024-49056.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49056",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-302: Authentication Bypass by Assumed-Immutable Data",
"cweId": "CWE-302"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "airlift.microsoft.com",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49056",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49056"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C"
}
]
}

6
2024/8xxx/CVE-2024-8354.json
View File

@ -135,17 +135,17 @@
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]