diff --git a/2024/36xxx/CVE-2024-36730.json b/2024/36xxx/CVE-2024-36730.json index fa82f375fc2..a46e4a35ea2 100644 --- a/2024/36xxx/CVE-2024-36730.json +++ b/2024/36xxx/CVE-2024-36730.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-36730", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-36730", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting negative values into the oneflow.zeros/ones parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://gist.github.com/Redmept1on/1c530e191fb3c76f034c2ea1d11eb821", + "url": "https://gist.github.com/Redmept1on/1c530e191fb3c76f034c2ea1d11eb821" } ] } diff --git a/2024/37xxx/CVE-2024-37154.json b/2024/37xxx/CVE-2024-37154.json index 686be43f3f0..f5113dd2e96 100644 --- a/2024/37xxx/CVE-2024-37154.json +++ b/2024/37xxx/CVE-2024-37154.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-37154", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. Users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via `ClawbackVestingAccount`. This affects 18.1.0 and earlier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285: Improper Authorization", + "cweId": "CWE-285" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "evmos", + "product": { + "product_data": [ + { + "product_name": "evmos", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 18.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/evmos/evmos/security/advisories/GHSA-7hrh-v6wp-53vw", + "refsource": "MISC", + "name": "https://github.com/evmos/evmos/security/advisories/GHSA-7hrh-v6wp-53vw" + } + ] + }, + "source": { + "advisory": "GHSA-7hrh-v6wp-53vw", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/5xxx/CVE-2024-5713.json b/2024/5xxx/CVE-2024-5713.json new file mode 100644 index 00000000000..6cafd4ed001 --- /dev/null +++ b/2024/5xxx/CVE-2024-5713.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5713", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5714.json b/2024/5xxx/CVE-2024-5714.json new file mode 100644 index 00000000000..81c1ddddb4c --- /dev/null +++ b/2024/5xxx/CVE-2024-5714.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5714", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5715.json b/2024/5xxx/CVE-2024-5715.json new file mode 100644 index 00000000000..9c6011b8f1e --- /dev/null +++ b/2024/5xxx/CVE-2024-5715.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5715", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file