admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-10-11 20:00:33 +00:00
parent 4e7161e67b
commit 3cb6567f1f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
18 changed files with 796 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
2024/38xxx/CVE-2024-38365.json
View File

@ -1,17 +1,100 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-38365", "ID": "CVE-2024-38365",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's \"FindAndDelete()\" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a \"standard\" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. `removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data pushes from `script` that contain `dataToRemove`. However, `FindAndDelete` only removes exact matches. So for example, with `script = \"<data> <data||foo>\"` and `dataToRemove = \"data\"` btcd will remove both data pushes but Bitcoin Core's `FindAndDelete` only removes the first `<data>` push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-670: Always-Incorrect Control Flow Implementation",
"cweId": "CWE-670"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "btcsuite",
"product": {
"product_data": [
{
"product_name": "btcd",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.10.0, < 0.24.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8",
"refsource": "MISC",
"name": "https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8"
},
{
"url": "https://github.com/btcsuite/btcd/commit/04469e600e7d4a58881e2e5447d19024e49800f5",
"refsource": "MISC",
"name": "https://github.com/btcsuite/btcd/commit/04469e600e7d4a58881e2e5447d19024e49800f5"
},
{
"url": "https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184",
"refsource": "MISC",
"name": "https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184"
},
{
"url": "https://github.com/btcsuite/btcd/releases/tag/v0.24.2",
"refsource": "MISC",
"name": "https://github.com/btcsuite/btcd/releases/tag/v0.24.2"
}
]
},
"source": {
"advisory": "GHSA-27vh-h6mc-q6g8",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
} }
] ]
} }

63
2024/47xxx/CVE-2024-47884.json
View File

@ -1,18 +1,73 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-47884", "ID": "CVE-2024-47884",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "foxmarks is a CLI read-only interface for Firefox's bookmarks and history. A temporary file was created under the /tmp directory with read permissions for all users containing a copy of Firefox's database of bookmarks, history, input history, visits counter, use counter, view counter and more confidential information about the history of using Firefox. Permissions default to 0o600 for NamedTempFile. However, after copying the database, its permissions were copied with it resulting in an insecure file with 0x644 permissions. A malicious user is able to read the database when the targeted user executes foxmarks bookmarks or foxmarks history. This vulnerability is patched in v2.1.0."
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-378: Creation of Temporary File With Insecure Permissions",
"cweId": "CWE-378"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "zefr0x",
"product": {
"product_data": [
{
"product_name": "foxmarks",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/zefr0x/foxmarks/security/advisories/GHSA-8rh2-6pwm-5vvq",
"refsource": "MISC",
"name": "https://github.com/zefr0x/foxmarks/security/advisories/GHSA-8rh2-6pwm-5vvq"
},
{
"url": "https://github.com/zefr0x/foxmarks/commit/c3706bd882b3d61b353e4193f7d2dcfabd0c9a8e",
"refsource": "MISC",
"name": "https://github.com/zefr0x/foxmarks/commit/c3706bd882b3d61b353e4193f7d2dcfabd0c9a8e"
}
]
},
"source": {
"advisory": "GHSA-8rh2-6pwm-5vvq",
"discovery": "UNKNOWN"
} }
} }

4
2024/47xxx/CVE-2024-47975.json
View File

@ -244,9 +244,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://https://www.solidigm.com/support-page/support-security.html", "url": "https://www.solidigm.com/support-page/support-security.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://https://www.solidigm.com/support-page/support-security.html" "name": "https://www.solidigm.com/support-page/support-security.html"
} }
] ]
}, },

71
2024/48xxx/CVE-2024-48768.json
View File

@ -1,17 +1,76 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48768",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48768",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to obtain sensitive information via the firmware update process"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://appinventoraigooglealmandocontrol.com",
"refsource": "MISC",
"name": "http://appinventoraigooglealmandocontrol.com"
},
{
"url": "http://www.almando.com/",
"refsource": "MISC",
"name": "http://www.almando.com/"
},
{
"url": "https://www.almando.com/media/firmware/almando.json",
"refsource": "MISC",
"name": "https://www.almando.com/media/firmware/almando.json"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/appinventor.ai_google.almando_control/appinventor.ai_google.almando_control.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/appinventor.ai_google.almando_control/appinventor.ai_google.almando_control.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48770.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48770",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48770",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://comwisdomcityzwave.com",
"refsource": "MISC",
"name": "http://comwisdomcityzwave.com"
},
{
"url": "http://plug.com",
"refsource": "MISC",
"name": "http://plug.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.wisdomcity.zwave/com.wisdomcity.zwave.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.wisdomcity.zwave/com.wisdomcity.zwave.md"
} }
] ]
} }

61
2024/48xxx/CVE-2024-48771.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48771",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48771",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in almando GmbH Almando Play APP (com.almando.play) 1.8.2 allows a remote attacker to obtain sensitive information via the firmware update process"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://almando.com",
"refsource": "MISC",
"name": "http://almando.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.almando.play/com.almando.play.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.almando.play/com.almando.play.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48773.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48773",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48773",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://comchenyumorepro.com",
"refsource": "MISC",
"name": "http://comchenyumorepro.com"
},
{
"url": "http://wo-smart.com/",
"refsource": "MISC",
"name": "http://wo-smart.com/"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.chenyu.morepro/com.chenyu.morepro.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.chenyu.morepro/com.chenyu.morepro.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48774.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48774",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48774",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://comfermaxvida.com",
"refsource": "MISC",
"name": "http://comfermaxvida.com"
},
{
"url": "http://fermax.com",
"refsource": "MISC",
"name": "http://fermax.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.fermax.vida/com.fermax.vida.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.fermax.vida/com.fermax.vida.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48775.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48775",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48775",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://plug.com",
"refsource": "MISC",
"name": "http://plug.com"
},
{
"url": "http://comezsetdelaney.com",
"refsource": "MISC",
"name": "http://comezsetdelaney.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ezset.delaney/com.ezset.delaney.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ezset.delaney/com.ezset.delaney.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48776.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48776",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48776",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update process"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://shelly.com",
"refsource": "MISC",
"name": "http://shelly.com"
},
{
"url": "http://comhomeshelly.com",
"refsource": "MISC",
"name": "http://comhomeshelly.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.home.shelly/com.home.shelly.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.home.shelly/com.home.shelly.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48777.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48777",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48777",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://comledvancesmartpluseu.com",
"refsource": "MISC",
"name": "http://comledvancesmartpluseu.com"
},
{
"url": "http://ledvance.com",
"refsource": "MISC",
"name": "http://ledvance.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ledvance.smartplus.eu/com.ledvance.smartplus.eu.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ledvance.smartplus.eu/com.ledvance.smartplus.eu.md"
} }
] ]
} }

66
2024/48xxx/CVE-2024-48784.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-48784",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-48784",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker to obtain sensitive information via the firmware update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://comsampmaxhomemax.com",
"refsource": "MISC",
"name": "http://comsampmaxhomemax.com"
},
{
"url": "http://sampmax.com",
"refsource": "MISC",
"name": "http://sampmax.com"
},
{
"refsource": "MISC",
"name": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.sampmax.homemax/com.sampmax.homemax.md",
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.sampmax.homemax/com.sampmax.homemax.md"
} }
] ]
} }

18
2024/9xxx/CVE-2024-9886.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9886",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/9xxx/CVE-2024-9887.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/9xxx/CVE-2024-9888.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9888",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/9xxx/CVE-2024-9889.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9889",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/9xxx/CVE-2024-9890.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9890",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/9xxx/CVE-2024-9891.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9891",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}