diff --git a/2023/50xxx/CVE-2023-50387.json b/2023/50xxx/CVE-2023-50387.json index 30f069c15b0..b857cc0122b 100644 --- a/2023/50xxx/CVE-2023-50387.json +++ b/2023/50xxx/CVE-2023-50387.json @@ -136,6 +136,11 @@ "refsource": "MLIST", "name": "[oss-security] 20240216 Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities", "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-2e26eccfcb", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" } ] } diff --git a/2023/50xxx/CVE-2023-50868.json b/2023/50xxx/CVE-2023-50868.json index df8b82dc98f..f5c56d3abbe 100644 --- a/2023/50xxx/CVE-2023-50868.json +++ b/2023/50xxx/CVE-2023-50868.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[oss-security] 20240216 Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities", "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-2e26eccfcb", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" } ] } diff --git a/2023/52xxx/CVE-2023-52097.json b/2023/52xxx/CVE-2023-52097.json index 9b9b472ff02..a0915d6bf9b 100644 --- a/2023/52xxx/CVE-2023-52097.json +++ b/2023/52xxx/CVE-2023-52097.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52097", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of foreground service restrictions being bypassed in the NMS module.Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52357.json b/2023/52xxx/CVE-2023-52357.json index f7c7bf3391a..859bd754d95 100644 --- a/2023/52xxx/CVE-2023-52357.json +++ b/2023/52xxx/CVE-2023-52357.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Configuration" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52358.json b/2023/52xxx/CVE-2023-52358.json index 517c46cdb6e..b5a4c7665e2 100644 --- a/2023/52xxx/CVE-2023-52358.json +++ b/2023/52xxx/CVE-2023-52358.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of this vulnerability may affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Configuration" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52360.json b/2023/52xxx/CVE-2023-52360.json index 2b53572a23b..667e2a86667 100644 --- a/2023/52xxx/CVE-2023-52360.json +++ b/2023/52xxx/CVE-2023-52360.json @@ -1,18 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52360", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect service integrity." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Data Processing Errors" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52361.json b/2023/52xxx/CVE-2023-52361.json index 313047c8942..4f88c023846 100644 --- a/2023/52xxx/CVE-2023-52361.json +++ b/2023/52xxx/CVE-2023-52361.json @@ -1,18 +1,74 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52361", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Business Logic Errors" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52387.json b/2023/52xxx/CVE-2023-52387.json index 9f8af604fab..c4896069894 100644 --- a/2023/52xxx/CVE-2023-52387.json +++ b/2023/52xxx/CVE-2023-52387.json @@ -1,18 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52387", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Sensitive Information in Resource Not Removed Before Reuse" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/2/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/2/" + }, + { + "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405", + "refsource": "MISC", + "name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file