From 7b2dee46d82bc2ff0a3a89e3c7a35a3b38c94fca Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 26 Nov 2024 05:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/11xxx/CVE-2018-11881.json | 16 +++---- 2020/11xxx/CVE-2020-11311.json | 78 +--------------------------------- 2024/11xxx/CVE-2024-11735.json | 18 ++++++++ 2024/11xxx/CVE-2024-11736.json | 18 ++++++++ 2024/53xxx/CVE-2024-53278.json | 74 ++++++++++++++++++++++++++++++-- 5 files changed, 116 insertions(+), 88 deletions(-) create mode 100644 2024/11xxx/CVE-2024-11735.json create mode 100644 2024/11xxx/CVE-2024-11736.json diff --git a/2018/11xxx/CVE-2018-11881.json b/2018/11xxx/CVE-2018-11881.json index 8613f823d28..171b12be5fe 100644 --- a/2018/11xxx/CVE-2018-11881.json +++ b/2018/11xxx/CVE-2018-11881.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-11881", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2018-11881", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\u00a0\n\n\n\n\n\n\n\n\n\n\n\nThis CVE ID is unused and any reference to it should be ignored." } ] } diff --git a/2020/11xxx/CVE-2020-11311.json b/2020/11xxx/CVE-2020-11311.json index 61dc799a483..9796dc65f7b 100644 --- a/2020/11xxx/CVE-2020-11311.json +++ b/2020/11xxx/CVE-2020-11311.json @@ -5,87 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-11311", "ASSIGNER": "product-security@qualcomm.com", - "STATE": "PUBLIC" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "This record is rejected as duplicate. All references should point to CVE-2021-1904." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Snapdragon", - "product": { - "product_data": [ - { - "product_name": "Mobile", - "version": { - "version_data": [ - { - "version_affected": "=", - "version_value": "SD205, SD210, SD429, SD439, SD450" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2021-1904", - "refsource": "MISC", - "name": "https://www.cve.org/CVERecord?id=CVE-2021-1904" - }, - { - "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1904", - "refsource": "MISC", - "name": "https://nvd.nist.gov/vuln/detail/cve-2021-1904" - } - ] - }, - "generator": { - "engine": "Vulnogram 0.2.0" - }, - "source": { - "discovery": "UNKNOWN" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 6.2, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority\u00a0as duplicate. All references should point to CVE-2021-1904." } ] } diff --git a/2024/11xxx/CVE-2024-11735.json b/2024/11xxx/CVE-2024-11735.json new file mode 100644 index 00000000000..a714b6cc9ac --- /dev/null +++ b/2024/11xxx/CVE-2024-11735.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11735", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11736.json b/2024/11xxx/CVE-2024-11736.json new file mode 100644 index 00000000000..ebe7880656e --- /dev/null +++ b/2024/11xxx/CVE-2024-11736.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11736", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53278.json b/2024/53xxx/CVE-2024-53278.json index a841b9b3c00..a43fd256329 100644 --- a/2024/53xxx/CVE-2024-53278.json +++ b/2024/53xxx/CVE-2024-53278.json @@ -1,17 +1,83 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-53278", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing the admin screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS)", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "gqevu6bsiz", + "product": { + "product_data": [ + { + "product_name": "WP Admin UI Customize", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "prior to ver 1.5.14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-admin-ui-customize/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-admin-ui-customize/#developers" + }, + { + "url": "https://gqevu6bsiz.chicappa.jp/wp-admin-ui-customize-%E3%82%A2%E3%83%83%E3%83%97%E3%83%87%E3%83%BC%E3%83%881-5-14%E3%82%92%E3%81%97%E3%81%BE%E3%81%97%E3%81%9F/", + "refsource": "MISC", + "name": "https://gqevu6bsiz.chicappa.jp/wp-admin-ui-customize-%E3%82%A2%E3%83%83%E3%83%97%E3%83%87%E3%83%BC%E3%83%881-5-14%E3%82%92%E3%81%97%E3%81%BE%E3%81%97%E3%81%9F/" + }, + { + "url": "https://jvn.jp/en/jp/JVN87182660/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN87182660/" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "baseSeverity": "MEDIUM", + "baseScore": 4.8, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ] }