diff --git a/2024/35xxx/CVE-2024-35291.json b/2024/35xxx/CVE-2024-35291.json index c69696eabb4..461410422cd 100644 --- a/2024/35xxx/CVE-2024-35291.json +++ b/2024/35xxx/CVE-2024-35291.json @@ -1,17 +1,67 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerability exists in Splunk Config Explorer versions prior to 1.7.16. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Chris Younger ", + "product": { + "product_data": [ + { + "product_name": "Splunk Config Explorer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "prior to 1.7.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://splunkbase.splunk.com/app/4353", + "refsource": "MISC", + "name": "https://splunkbase.splunk.com/app/4353" + }, + { + "url": "https://jvn.jp/en/jp/JVN56781258/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN56781258/" } ] } diff --git a/2024/35xxx/CVE-2024-35297.json b/2024/35xxx/CVE-2024-35297.json index 3749845cdb1..f2c67bd1b51 100644 --- a/2024/35xxx/CVE-2024-35297.json +++ b/2024/35xxx/CVE-2024-35297.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-35297", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "aviplugins.com", + "product": { + "product_data": [ + { + "product_name": "WP Booking", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "prior to 2.4.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-easy-booking/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-easy-booking/" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?new=3084990%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php&old=2404687%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?new=3084990%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php&old=2404687%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php" + }, + { + "url": "https://jvn.jp/en/jp/JVN35838128/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN35838128/" } ] } diff --git a/2024/36xxx/CVE-2024-36384.json b/2024/36xxx/CVE-2024-36384.json new file mode 100644 index 00000000000..db6fb1b9113 --- /dev/null +++ b/2024/36xxx/CVE-2024-36384.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2024-36384", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pointsharp Cryptshare Server before 7.0.0 has an XSS issue that is related to notification messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://documentation.cryptshare.com/w/CSSCurrent_en:Version_7.0.0#Additional_Changes", + "refsource": "MISC", + "name": "https://documentation.cryptshare.com/w/CSSCurrent_en:Version_7.0.0#Additional_Changes" + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36385.json b/2024/36xxx/CVE-2024-36385.json new file mode 100644 index 00000000000..9eb28a1f5d6 --- /dev/null +++ b/2024/36xxx/CVE-2024-36385.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36385", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36386.json b/2024/36xxx/CVE-2024-36386.json new file mode 100644 index 00000000000..895b700c1ae --- /dev/null +++ b/2024/36xxx/CVE-2024-36386.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36386", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file