diff --git a/2023/30xxx/CVE-2023-30765.json b/2023/30xxx/CVE-2023-30765.json
index 00635054e24..13da257382b 100644
--- a/2023/30xxx/CVE-2023-30765.json
+++ b/2023/30xxx/CVE-2023-30765.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "\n\u200bDelta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.\n\n"
+ "value": "\u200bDelta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation."
}
]
},
@@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
- "value": "CWE-284 \u200bImproper Access Control",
- "cweId": "CWE-284"
+ "value": "CWE-269 Improper Privilege Management",
+ "cweId": "CWE-269"
}
]
}
@@ -76,10 +76,10 @@
{
"base64": false,
"type": "text/html",
- "value": "\n\n\u200bDelta Electronics has provided a fix to these vulnerabilities. Users are encouraged to update to the latest version.
- \u200bDelta Electronics InfraSuite Device Master: Update to v1.0.7.
"
+ "value": "\u200bDelta Electronics has provided a fix to these vulnerabilities. Users are encouraged to update to the latest version.
- \u200bDelta Electronics InfraSuite Device Master: Update to v1.0.7.
"
}
],
- "value": "\n\u200bDelta Electronics has provided a fix to these vulnerabilities. Users are encouraged to update to the latest version.\n\n * \u200bDelta Electronics InfraSuite Device Master: Update to v1.0.7 https://datacenter-softwarecenter.deltaww.com/Download/UPS/Software/InfraSuite_Device_Master_1.0.7(x64).exe .\n\n\n"
+ "value": "\u200bDelta Electronics has provided a fix to these vulnerabilities. Users are encouraged to update to the latest version.\n\n * \u200bDelta Electronics InfraSuite Device Master: Update to v1.0.7 https://datacenter-softwarecenter.deltaww.com/Download/UPS/Software/InfraSuite_Device_Master_1.0.7(x64).exe ."
}
],
"credits": [
diff --git a/2023/47xxx/CVE-2023-47159.json b/2023/47xxx/CVE-2023-47159.json
index e0542ab92e3..8bdd8b8bc79 100644
--- a/2023/47xxx/CVE-2023-47159.json
+++ b/2023/47xxx/CVE-2023-47159.json
@@ -1,17 +1,93 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-47159",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-204 Response Discrepancy Information Exposure",
+ "cweId": "CWE-204"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Sterling File Gateway",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "6.0.0.0",
+ "version_value": "6.1.2.5"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "6.2.0.0",
+ "version_value": "6.2.0.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7176083",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7176083"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/52xxx/CVE-2023-52292.json b/2023/52xxx/CVE-2023-52292.json
index 72070685ed7..10ddebd61b1 100644
--- a/2023/52xxx/CVE-2023-52292.json
+++ b/2023/52xxx/CVE-2023-52292.json
@@ -1,17 +1,93 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52292",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Sterling File Gateway",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "6.0.0.0",
+ "version_value": "6.1.2.5"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "6.2.0.0",
+ "version_value": "6.2.0.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7176079",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7176079"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.4,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "LOW",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2024/22xxx/CVE-2024-22316.json b/2024/22xxx/CVE-2024-22316.json
index a903bf36120..705f50e698e 100644
--- a/2024/22xxx/CVE-2024-22316.json
+++ b/2024/22xxx/CVE-2024-22316.json
@@ -1,17 +1,93 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22316",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-284 Improper Access Control",
+ "cweId": "CWE-284"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Sterling File Gateway",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "6.0.0.0",
+ "version_value": "6.1.2.5"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "6.2.0.0",
+ "version_value": "6.2.0.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7176083",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7176083"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2024/27xxx/CVE-2024-27256.json b/2024/27xxx/CVE-2024-27256.json
index fe8fc57f7e5..9aff67022dc 100644
--- a/2024/27xxx/CVE-2024-27256.json
+++ b/2024/27xxx/CVE-2024-27256.json
@@ -1,17 +1,112 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27256",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and\u00a02.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
+ "cweId": "CWE-327"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MQ Operator",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "2.4.0",
+ "version_value": "2.4.8"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "2.3.0",
+ "version_value": "2.3.3"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "2.2.0",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "2.0.0 LTS",
+ "version_value": "2.0.22 LTS"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.0.0 CD, 3.0.1 CD"
+ },
+ {
+ "version_affected": "<=",
+ "version_name": "3.1.0 CD",
+ "version_value": "3.1.3 CD"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7157667",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7157667"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.9,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2024/48xxx/CVE-2024-48416.json b/2024/48xxx/CVE-2024-48416.json
index e1f2cacdb65..8b610ca1cdf 100644
--- a/2024/48xxx/CVE-2024-48416.json
+++ b/2024/48xxx/CVE-2024-48416.json
@@ -1,17 +1,66 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-48416",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-48416",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "http://edimax.com",
+ "refsource": "MISC",
+ "name": "http://edimax.com"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48416.md",
+ "url": "https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48416.md"
}
]
}
diff --git a/2024/48xxx/CVE-2024-48420.json b/2024/48xxx/CVE-2024-48420.json
index e8b1e7c10d2..9917b836586 100644
--- a/2024/48xxx/CVE-2024-48420.json
+++ b/2024/48xxx/CVE-2024-48420.json
@@ -1,17 +1,66 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-48420",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-48420",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "http://edimax.com",
+ "refsource": "MISC",
+ "name": "http://edimax.com"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48420.md",
+ "url": "https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48420.md"
}
]
}
diff --git a/2024/55xxx/CVE-2024-55227.json b/2024/55xxx/CVE-2024-55227.json
index 0f9bc4201c1..e1bab69d4df 100644
--- a/2024/55xxx/CVE-2024-55227.json
+++ b/2024/55xxx/CVE-2024-55227.json
@@ -1,17 +1,81 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-55227",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-55227",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/Dolibarr/dolibarr/security/policy",
+ "refsource": "MISC",
+ "name": "https://github.com/Dolibarr/dolibarr/security/policy"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://gist.github.com/Dqtdqt/9762466cd6ec541ea265ba33b09489ff",
+ "url": "https://gist.github.com/Dqtdqt/9762466cd6ec541ea265ba33b09489ff"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/56710ce9b79a97df093f586c90bdaf6cce6a5808",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/56710ce9b79a97df093f586c90bdaf6cce6a5808"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/c0250e4c9106b5c889e512a4771f0205d4f99b99",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/c0250e4c9106b5c889e512a4771f0205d4f99b99"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/9aa24d9d9aeab36358c725dae3fe20c9631082e7",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/9aa24d9d9aeab36358c725dae3fe20c9631082e7"
}
]
}
diff --git a/2024/55xxx/CVE-2024-55228.json b/2024/55xxx/CVE-2024-55228.json
index 576552c8ef8..6b65b85f262 100644
--- a/2024/55xxx/CVE-2024-55228.json
+++ b/2024/55xxx/CVE-2024-55228.json
@@ -1,17 +1,81 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-55228",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-55228",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/Dolibarr/dolibarr/security/policy",
+ "refsource": "MISC",
+ "name": "https://github.com/Dolibarr/dolibarr/security/policy"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/56710ce9b79a97df093f586c90bdaf6cce6a5808",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/56710ce9b79a97df093f586c90bdaf6cce6a5808"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/c0250e4c9106b5c889e512a4771f0205d4f99b99",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/c0250e4c9106b5c889e512a4771f0205d4f99b99"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/Dolibarr/dolibarr/commit/9aa24d9d9aeab36358c725dae3fe20c9631082e7",
+ "url": "https://github.com/Dolibarr/dolibarr/commit/9aa24d9d9aeab36358c725dae3fe20c9631082e7"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://gist.github.com/Dqtdqt/a942bbce9a5fc851dce366902411c768",
+ "url": "https://gist.github.com/Dqtdqt/a942bbce9a5fc851dce366902411c768"
}
]
}
diff --git a/2024/57xxx/CVE-2024-57272.json b/2024/57xxx/CVE-2024-57272.json
index cf56dbd993d..7555786a877 100644
--- a/2024/57xxx/CVE-2024-57272.json
+++ b/2024/57xxx/CVE-2024-57272.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-57272",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-57272",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/kklzzcun/Camera/blob/main/SecureSTATION%20%E5%AD%98%E5%9C%A8%E5%8F%8D%E5%B0%84%E5%BD%A2XSS%E6%BC%8F%E6%B4%9E.md",
+ "refsource": "MISC",
+ "name": "https://github.com/kklzzcun/Camera/blob/main/SecureSTATION%20%E5%AD%98%E5%9C%A8%E5%8F%8D%E5%B0%84%E5%BD%A2XSS%E6%BC%8F%E6%B4%9E.md"
}
]
}
diff --git a/2024/57xxx/CVE-2024-57276.json b/2024/57xxx/CVE-2024-57276.json
index c9374feec58..85997f3ef39 100644
--- a/2024/57xxx/CVE-2024-57276.json
+++ b/2024/57xxx/CVE-2024-57276.json
@@ -1,17 +1,66 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2024-57276",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2024-57276",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\\SYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/yamerooo123/CVE/blob/main/CVE-2024-57276/Description.md",
+ "url": "https://github.com/yamerooo123/CVE/blob/main/CVE-2024-57276/Description.md"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Dragon%20Age%20Origins/Description.md",
+ "url": "https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Dragon%20Age%20Origins/Description.md"
}
]
}
diff --git a/2025/0xxx/CVE-2025-0755.json b/2025/0xxx/CVE-2025-0755.json
new file mode 100644
index 00000000000..181a2812085
--- /dev/null
+++ b/2025/0xxx/CVE-2025-0755.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-0755",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file