diff --git a/2016/5xxx/CVE-2016-5002.json b/2016/5xxx/CVE-2016-5002.json index f857722031a..bba87daa499 100644 --- a/2016/5xxx/CVE-2016-5002.json +++ b/2016/5xxx/CVE-2016-5002.json @@ -58,11 +58,6 @@ "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2016/07/12/5" }, - { - "url": "http://www.securityfocus.com/bid/91736", - "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/91736" - }, { "url": "http://www.securitytracker.com/id/1036294", "refsource": "MISC", @@ -73,15 +68,25 @@ "refsource": "MISC", "name": "https://0ang3el.blogspot.in/2016/07/beware-of-ws-xmlrpc-library-in-your.html" }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115042", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115042" + }, + { + "url": "http://www.securityfocus.com/bid/91736", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/91736" + }, { "url": "https://access.redhat.com/errata/RHSA-2018:3768", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2018:3768" }, { - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115042", + "url": "https://security.gentoo.org/glsa/202401-26", "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115042" + "name": "https://security.gentoo.org/glsa/202401-26" } ] } diff --git a/2016/5xxx/CVE-2016-5003.json b/2016/5xxx/CVE-2016-5003.json index 7de5ff93858..aa59c4ba5a0 100644 --- a/2016/5xxx/CVE-2016-5003.json +++ b/2016/5xxx/CVE-2016-5003.json @@ -59,15 +59,50 @@ "name": "http://www.openwall.com/lists/oss-security/2016/07/12/5" }, { - "url": "http://www.securityfocus.com/bid/91736", + "url": "https://access.redhat.com/errata/RHSA-2018:1779", "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/91736" + "name": "https://access.redhat.com/errata/RHSA-2018:1779" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2018:1784", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2018:1784" + }, + { + "url": "http://www.securityfocus.com/bid/91738", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/91738" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2018:2317", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2018:2317" }, { "url": "http://www.securitytracker.com/id/1036294", "refsource": "MISC", "name": "http://www.securitytracker.com/id/1036294" }, + { + "url": "https://access.redhat.com/errata/RHSA-2018:1780", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2018:1780" + }, + { + "url": "https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html", + "refsource": "MISC", + "name": "https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115043", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115043" + }, + { + "url": "http://www.securityfocus.com/bid/91736", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/91736" + }, { "url": "https://access.redhat.com/errata/RHSA-2018:3768", "refsource": "MISC", @@ -84,39 +119,9 @@ "name": "http://www.openwall.com/lists/oss-security/2020/01/24/2" }, { - "url": "http://www.securityfocus.com/bid/91738", + "url": "https://security.gentoo.org/glsa/202401-26", "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/91738" - }, - { - "url": "https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html", - "refsource": "MISC", - "name": "https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2018:1779", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2018:1779" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2018:1780", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2018:1780" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2018:1784", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2018:1784" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2018:2317", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2018:2317" - }, - { - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115043", - "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115043" + "name": "https://security.gentoo.org/glsa/202401-26" } ] } diff --git a/2019/17xxx/CVE-2019-17570.json b/2019/17xxx/CVE-2019-17570.json index 82aae65fb62..93f74c79e46 100644 --- a/2019/17xxx/CVE-2019-17570.json +++ b/2019/17xxx/CVE-2019-17570.json @@ -93,6 +93,11 @@ "refsource": "MISC", "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp", "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202401-26", + "url": "https://security.gentoo.org/glsa/202401-26" } ] }, diff --git a/2022/34xxx/CVE-2022-34364.json b/2022/34xxx/CVE-2022-34364.json index 7fed4c4c3a4..aa5ac94cdc5 100644 --- a/2022/34xxx/CVE-2022-34364.json +++ b/2022/34xxx/CVE-2022-34364.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "\n\n\nDell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.\n\n\n\n\n\n\n\n" + "value": "\n\n\nDell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.\n\n.\n\n\n\n\n\n\n\n" } ] }, @@ -41,7 +41,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "6.5,7.2" + "version_value": "All versions before 6.5, 7.0" } ] } diff --git a/2022/45xxx/CVE-2022-45793.json b/2022/45xxx/CVE-2022-45793.json index 532b3bc8d16..4562c93e05d 100644 --- a/2022/45xxx/CVE-2022-45793.json +++ b/2022/45xxx/CVE-2022-45793.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT]." + "value": "Sysmac Studio installs executables in a directory with poor permissions. This can allow a locally-authenticated attacker to overwrite files which will result in code execution with privileges of a different user." } ] }, diff --git a/2022/45xxx/CVE-2022-45794.json b/2022/45xxx/CVE-2022-45794.json index 10216afcb0a..6bb745598d7 100644 --- a/2022/45xxx/CVE-2022-45794.json +++ b/2022/45xxx/CVE-2022-45794.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files form the PLC internal memory and memory card.\n" + "value": "An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.\n" } ] }, diff --git a/2023/7xxx/CVE-2023-7238.json b/2023/7xxx/CVE-2023-7238.json new file mode 100644 index 00000000000..60890cb6d05 --- /dev/null +++ b/2023/7xxx/CVE-2023-7238.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-7238", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0782.json b/2024/0xxx/CVE-2024-0782.json index 0352d7147e6..1234b430bca 100644 --- a/2024/0xxx/CVE-2024-0782.json +++ b/2024/0xxx/CVE-2024-0782.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0782", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251698 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In CodeAstro Online Railway Reservation System 1.0 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei pass-profile.php. Durch das Manipulieren des Arguments First Name/Last Name/User Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "CodeAstro", + "product": { + "product_data": [ + { + "product_name": "Online Railway Reservation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.251698", + "refsource": "MISC", + "name": "https://vuldb.com/?id.251698" + }, + { + "url": "https://vuldb.com/?ctiid.251698", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.251698" + }, + { + "url": "https://drive.google.com/drive/folders/1ecVTReqCS_G8svyq3MG79E2y59psMcPn?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/drive/folders/1ecVTReqCS_G8svyq3MG79E2y59psMcPn?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Mohammed Aashique (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/0xxx/CVE-2024-0785.json b/2024/0xxx/CVE-2024-0785.json new file mode 100644 index 00000000000..110bda0974a --- /dev/null +++ b/2024/0xxx/CVE-2024-0785.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0785", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0786.json b/2024/0xxx/CVE-2024-0786.json new file mode 100644 index 00000000000..c8a13965905 --- /dev/null +++ b/2024/0xxx/CVE-2024-0786.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0786", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/21xxx/CVE-2024-21795.json b/2024/21xxx/CVE-2024-21795.json new file mode 100644 index 00000000000..58d54567d5d --- /dev/null +++ b/2024/21xxx/CVE-2024-21795.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-21795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22097.json b/2024/22xxx/CVE-2024-22097.json new file mode 100644 index 00000000000..74470c5388f --- /dev/null +++ b/2024/22xxx/CVE-2024-22097.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22097", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23305.json b/2024/23xxx/CVE-2024-23305.json new file mode 100644 index 00000000000..21dbaec932f --- /dev/null +++ b/2024/23xxx/CVE-2024-23305.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-23305", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23807.json b/2024/23xxx/CVE-2024-23807.json new file mode 100644 index 00000000000..2c239fb0648 --- /dev/null +++ b/2024/23xxx/CVE-2024-23807.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-23807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23809.json b/2024/23xxx/CVE-2024-23809.json new file mode 100644 index 00000000000..78ba4addff7 --- /dev/null +++ b/2024/23xxx/CVE-2024-23809.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-23809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file