diff --git a/2022/33xxx/CVE-2022-33220.json b/2022/33xxx/CVE-2022-33220.json index 258c60eb189..31e5c285ab2 100644 --- a/2022/33xxx/CVE-2022-33220.json +++ b/2022/33xxx/CVE-2022-33220.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/33xxx/CVE-2022-33248.json b/2022/33xxx/CVE-2022-33248.json index 918a205a627..92ff2694d34 100644 --- a/2022/33xxx/CVE-2022-33248.json +++ b/2022/33xxx/CVE-2022-33248.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-680 Integer Overflow to Buffer Overflow", + "cweId": "CWE-680" } ] } diff --git a/2022/33xxx/CVE-2022-33250.json b/2022/33xxx/CVE-2022-33250.json index aa5d06b9a87..3a6e612dc64 100644 --- a/2022/33xxx/CVE-2022-33250.json +++ b/2022/33xxx/CVE-2022-33250.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2022/33xxx/CVE-2022-33254.json b/2022/33xxx/CVE-2022-33254.json index 35df9a0ff94..9b5f9372806 100644 --- a/2022/33xxx/CVE-2022-33254.json +++ b/2022/33xxx/CVE-2022-33254.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2022/33xxx/CVE-2022-33256.json b/2022/33xxx/CVE-2022-33256.json index 177c9d90f97..1d888f26f27 100644 --- a/2022/33xxx/CVE-2022-33256.json +++ b/2022/33xxx/CVE-2022-33256.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-129 Improper Validation of Array Index", + "cweId": "CWE-129" } ] } diff --git a/2022/33xxx/CVE-2022-33257.json b/2022/33xxx/CVE-2022-33257.json index 78f5d6b4054..8779eaad451 100644 --- a/2022/33xxx/CVE-2022-33257.json +++ b/2022/33xxx/CVE-2022-33257.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", + "cweId": "CWE-367" } ] } diff --git a/2022/33xxx/CVE-2022-33260.json b/2022/33xxx/CVE-2022-33260.json index db12a7f9a85..e887328cffd 100644 --- a/2022/33xxx/CVE-2022-33260.json +++ b/2022/33xxx/CVE-2022-33260.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" } ] } diff --git a/2022/33xxx/CVE-2022-33271.json b/2022/33xxx/CVE-2022-33271.json index d7071d2bc00..3541e520ac6 100644 --- a/2022/33xxx/CVE-2022-33271.json +++ b/2022/33xxx/CVE-2022-33271.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/33xxx/CVE-2022-33272.json b/2022/33xxx/CVE-2022-33272.json index 75a5c0b58a1..b4175844987 100644 --- a/2022/33xxx/CVE-2022-33272.json +++ b/2022/33xxx/CVE-2022-33272.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2022/33xxx/CVE-2022-33275.json b/2022/33xxx/CVE-2022-33275.json index 5a1ed3546aa..1c0de1127b5 100644 --- a/2022/33xxx/CVE-2022-33275.json +++ b/2022/33xxx/CVE-2022-33275.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-129 Improper Validation of Array Index", + "cweId": "CWE-129" } ] } diff --git a/2022/33xxx/CVE-2022-33277.json b/2022/33xxx/CVE-2022-33277.json index 8c0d0cf961e..808b13cc345 100644 --- a/2022/33xxx/CVE-2022-33277.json +++ b/2022/33xxx/CVE-2022-33277.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2022/33xxx/CVE-2022-33278.json b/2022/33xxx/CVE-2022-33278.json index 1a514b0f340..98b08f3dc1c 100644 --- a/2022/33xxx/CVE-2022-33278.json +++ b/2022/33xxx/CVE-2022-33278.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2022/33xxx/CVE-2022-33279.json b/2022/33xxx/CVE-2022-33279.json index bf90867e53b..51656e7086f 100644 --- a/2022/33xxx/CVE-2022-33279.json +++ b/2022/33xxx/CVE-2022-33279.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" } ] } diff --git a/2022/33xxx/CVE-2022-33280.json b/2022/33xxx/CVE-2022-33280.json index 47b45df57df..7869fc84138 100644 --- a/2022/33xxx/CVE-2022-33280.json +++ b/2022/33xxx/CVE-2022-33280.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-824 Access of Uninitialized Pointer", + "cweId": "CWE-824" } ] } diff --git a/2022/33xxx/CVE-2022-33306.json b/2022/33xxx/CVE-2022-33306.json index 98905b7689c..40826f212a1 100644 --- a/2022/33xxx/CVE-2022-33306.json +++ b/2022/33xxx/CVE-2022-33306.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/33xxx/CVE-2022-33309.json b/2022/33xxx/CVE-2022-33309.json index 3428dad640c..f0d02a89b68 100644 --- a/2022/33xxx/CVE-2022-33309.json +++ b/2022/33xxx/CVE-2022-33309.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/34xxx/CVE-2022-34145.json b/2022/34xxx/CVE-2022-34145.json index f49b80b9c75..0ac25148891 100644 --- a/2022/34xxx/CVE-2022-34145.json +++ b/2022/34xxx/CVE-2022-34145.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/34xxx/CVE-2022-34146.json b/2022/34xxx/CVE-2022-34146.json index 1fe929b0e8f..f8b8be55661 100644 --- a/2022/34xxx/CVE-2022-34146.json +++ b/2022/34xxx/CVE-2022-34146.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2022/40xxx/CVE-2022-40502.json b/2022/40xxx/CVE-2022-40502.json index 8ea42c52e80..3bc7c5d922b 100644 --- a/2022/40xxx/CVE-2022-40502.json +++ b/2022/40xxx/CVE-2022-40502.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2022/40xxx/CVE-2022-40512.json b/2022/40xxx/CVE-2022-40512.json index d22ecd06da3..e68798abdf3 100644 --- a/2022/40xxx/CVE-2022-40512.json +++ b/2022/40xxx/CVE-2022-40512.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/40xxx/CVE-2022-40513.json b/2022/40xxx/CVE-2022-40513.json index e4c9d24a5e0..626fa24a8d3 100644 --- a/2022/40xxx/CVE-2022-40513.json +++ b/2022/40xxx/CVE-2022-40513.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')", + "cweId": "CWE-400" } ] } diff --git a/2022/40xxx/CVE-2022-40514.json b/2022/40xxx/CVE-2022-40514.json index 5a8019a00d4..cb5a5a8f009 100644 --- a/2022/40xxx/CVE-2022-40514.json +++ b/2022/40xxx/CVE-2022-40514.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2022/40xxx/CVE-2022-40515.json b/2022/40xxx/CVE-2022-40515.json index 5b18ab23e91..353e062e138 100644 --- a/2022/40xxx/CVE-2022-40515.json +++ b/2022/40xxx/CVE-2022-40515.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-415 Double Free", + "cweId": "CWE-415" } ] } diff --git a/2022/40xxx/CVE-2022-40527.json b/2022/40xxx/CVE-2022-40527.json index c97c6cdd9b6..b5f52d151bf 100644 --- a/2022/40xxx/CVE-2022-40527.json +++ b/2022/40xxx/CVE-2022-40527.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2022/40xxx/CVE-2022-40530.json b/2022/40xxx/CVE-2022-40530.json index 0117c19102d..d07d28c8ae1 100644 --- a/2022/40xxx/CVE-2022-40530.json +++ b/2022/40xxx/CVE-2022-40530.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-680 Integer Overflow to Buffer Overflow", + "cweId": "CWE-680" } ] } diff --git a/2022/40xxx/CVE-2022-40531.json b/2022/40xxx/CVE-2022-40531.json index 12ebeec18f3..2cec566f2a5 100644 --- a/2022/40xxx/CVE-2022-40531.json +++ b/2022/40xxx/CVE-2022-40531.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-704 Incorrect Type Conversion or Cast", + "cweId": "CWE-704" } ] } diff --git a/2022/40xxx/CVE-2022-40535.json b/2022/40xxx/CVE-2022-40535.json index ec875a8052a..ec4e6d1f23e 100644 --- a/2022/40xxx/CVE-2022-40535.json +++ b/2022/40xxx/CVE-2022-40535.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2022/40xxx/CVE-2022-40537.json b/2022/40xxx/CVE-2022-40537.json index 51984ddf68c..38d17c8773b 100644 --- a/2022/40xxx/CVE-2022-40537.json +++ b/2022/40xxx/CVE-2022-40537.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-129 Improper Validation of Array Index", + "cweId": "CWE-129" } ] } diff --git a/2022/40xxx/CVE-2022-40539.json b/2022/40xxx/CVE-2022-40539.json index a2cad6fc9d0..b210211ae27 100644 --- a/2022/40xxx/CVE-2022-40539.json +++ b/2022/40xxx/CVE-2022-40539.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-284 Improper Access Control", + "cweId": "CWE-284" } ] } diff --git a/2022/40xxx/CVE-2022-40540.json b/2022/40xxx/CVE-2022-40540.json index 02a3bb01063..1aad7031c7f 100644 --- a/2022/40xxx/CVE-2022-40540.json +++ b/2022/40xxx/CVE-2022-40540.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/21xxx/CVE-2023-21671.json b/2023/21xxx/CVE-2023-21671.json index f342d4d4bed..f893ab76a7a 100644 --- a/2023/21xxx/CVE-2023-21671.json +++ b/2023/21xxx/CVE-2023-21671.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/21xxx/CVE-2023-21673.json b/2023/21xxx/CVE-2023-21673.json index c6928682963..00a4bb3f82e 100644 --- a/2023/21xxx/CVE-2023-21673.json +++ b/2023/21xxx/CVE-2023-21673.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-284 Improper Access Control", + "cweId": "CWE-284" } ] } diff --git a/2023/22xxx/CVE-2023-22382.json b/2023/22xxx/CVE-2023-22382.json index 82d6d470dd9..5e9868a9547 100644 --- a/2023/22xxx/CVE-2023-22382.json +++ b/2023/22xxx/CVE-2023-22382.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/22xxx/CVE-2023-22384.json b/2023/22xxx/CVE-2023-22384.json index 124a407ef3c..a6b4dd4a347 100644 --- a/2023/22xxx/CVE-2023-22384.json +++ b/2023/22xxx/CVE-2023-22384.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/22xxx/CVE-2023-22385.json b/2023/22xxx/CVE-2023-22385.json index 4e55cd78883..f01b435ba85 100644 --- a/2023/22xxx/CVE-2023-22385.json +++ b/2023/22xxx/CVE-2023-22385.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/22xxx/CVE-2023-22388.json b/2023/22xxx/CVE-2023-22388.json index d652e183393..44d2f9692df 100644 --- a/2023/22xxx/CVE-2023-22388.json +++ b/2023/22xxx/CVE-2023-22388.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-823 Use of Out-of-range Pointer Offset", + "cweId": "CWE-823" } ] } diff --git a/2023/24xxx/CVE-2023-24852.json b/2023/24xxx/CVE-2023-24852.json index a9c856a914a..fec882ef96a 100644 --- a/2023/24xxx/CVE-2023-24852.json +++ b/2023/24xxx/CVE-2023-24852.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-287 Improper Authentication", + "cweId": "CWE-287" } ] } diff --git a/2023/28xxx/CVE-2023-28545.json b/2023/28xxx/CVE-2023-28545.json index dd16dc32c18..67a2a6ad268 100644 --- a/2023/28xxx/CVE-2023-28545.json +++ b/2023/28xxx/CVE-2023-28545.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" } ] } diff --git a/2023/28xxx/CVE-2023-28550.json b/2023/28xxx/CVE-2023-28550.json index ae97eaa639b..7b18395fca9 100644 --- a/2023/28xxx/CVE-2023-28550.json +++ b/2023/28xxx/CVE-2023-28550.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" } ] } diff --git a/2023/28xxx/CVE-2023-28551.json b/2023/28xxx/CVE-2023-28551.json index 4eeede5ccdf..4425c406875 100644 --- a/2023/28xxx/CVE-2023-28551.json +++ b/2023/28xxx/CVE-2023-28551.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" } ] } diff --git a/2023/28xxx/CVE-2023-28553.json b/2023/28xxx/CVE-2023-28553.json index f9782e6f097..fb7d540ef09 100644 --- a/2023/28xxx/CVE-2023-28553.json +++ b/2023/28xxx/CVE-2023-28553.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28554.json b/2023/28xxx/CVE-2023-28554.json index aae91f48f81..9dd24cbb607 100644 --- a/2023/28xxx/CVE-2023-28554.json +++ b/2023/28xxx/CVE-2023-28554.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28556.json b/2023/28xxx/CVE-2023-28556.json index 616e19521e5..3f9e9df4957 100644 --- a/2023/28xxx/CVE-2023-28556.json +++ b/2023/28xxx/CVE-2023-28556.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-285 Improper Authorization", + "cweId": "CWE-285" } ] } diff --git a/2023/28xxx/CVE-2023-28563.json b/2023/28xxx/CVE-2023-28563.json index 261a6ce80aa..9bc94fde773 100644 --- a/2023/28xxx/CVE-2023-28563.json +++ b/2023/28xxx/CVE-2023-28563.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28566.json b/2023/28xxx/CVE-2023-28566.json index 76eb0ac9b10..3feb73821e1 100644 --- a/2023/28xxx/CVE-2023-28566.json +++ b/2023/28xxx/CVE-2023-28566.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28568.json b/2023/28xxx/CVE-2023-28568.json index 15541e7a335..72692c91320 100644 --- a/2023/28xxx/CVE-2023-28568.json +++ b/2023/28xxx/CVE-2023-28568.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28569.json b/2023/28xxx/CVE-2023-28569.json index f58b3663aaa..17f11075f67 100644 --- a/2023/28xxx/CVE-2023-28569.json +++ b/2023/28xxx/CVE-2023-28569.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28570.json b/2023/28xxx/CVE-2023-28570.json index 3279af7d8ff..a6dfd41c59e 100644 --- a/2023/28xxx/CVE-2023-28570.json +++ b/2023/28xxx/CVE-2023-28570.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/28xxx/CVE-2023-28572.json b/2023/28xxx/CVE-2023-28572.json index 8684bb7f3ef..b7ce8f57b07 100644 --- a/2023/28xxx/CVE-2023-28572.json +++ b/2023/28xxx/CVE-2023-28572.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/28xxx/CVE-2023-28574.json b/2023/28xxx/CVE-2023-28574.json index ba5ffafd779..0b87bf78fef 100644 --- a/2023/28xxx/CVE-2023-28574.json +++ b/2023/28xxx/CVE-2023-28574.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/28xxx/CVE-2023-28579.json b/2023/28xxx/CVE-2023-28579.json index 981c8bef9db..e5126e3a7f9 100644 --- a/2023/28xxx/CVE-2023-28579.json +++ b/2023/28xxx/CVE-2023-28579.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/28xxx/CVE-2023-28580.json b/2023/28xxx/CVE-2023-28580.json index b4cbcfebb50..f7e1672716f 100644 --- a/2023/28xxx/CVE-2023-28580.json +++ b/2023/28xxx/CVE-2023-28580.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/28xxx/CVE-2023-28585.json b/2023/28xxx/CVE-2023-28585.json index b32676b0eb8..0f04bf05f46 100644 --- a/2023/28xxx/CVE-2023-28585.json +++ b/2023/28xxx/CVE-2023-28585.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-680 Integer Overflow to Buffer Overflow", + "cweId": "CWE-680" } ] } diff --git a/2023/28xxx/CVE-2023-28586.json b/2023/28xxx/CVE-2023-28586.json index e46e7758985..47233f06881 100644 --- a/2023/28xxx/CVE-2023-28586.json +++ b/2023/28xxx/CVE-2023-28586.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" } ] } diff --git a/2023/28xxx/CVE-2023-28587.json b/2023/28xxx/CVE-2023-28587.json index d6053a055c8..a796a62d7cb 100644 --- a/2023/28xxx/CVE-2023-28587.json +++ b/2023/28xxx/CVE-2023-28587.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", + "cweId": "CWE-119" } ] } diff --git a/2023/28xxx/CVE-2023-28588.json b/2023/28xxx/CVE-2023-28588.json index aa951d713df..16feee8db60 100644 --- a/2023/28xxx/CVE-2023-28588.json +++ b/2023/28xxx/CVE-2023-28588.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-190 Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } diff --git a/2023/33xxx/CVE-2023-33017.json b/2023/33xxx/CVE-2023-33017.json index 81015b4acd7..fa4f77fe0d2 100644 --- a/2023/33xxx/CVE-2023-33017.json +++ b/2023/33xxx/CVE-2023-33017.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33018.json b/2023/33xxx/CVE-2023-33018.json index 2cc209b597c..09b17b895eb 100644 --- a/2023/33xxx/CVE-2023-33018.json +++ b/2023/33xxx/CVE-2023-33018.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-680 Integer Overflow to Buffer Overflow", + "cweId": "CWE-680" } ] } diff --git a/2023/33xxx/CVE-2023-33022.json b/2023/33xxx/CVE-2023-33022.json index 503e42cf2a7..87ef9c9b184 100644 --- a/2023/33xxx/CVE-2023-33022.json +++ b/2023/33xxx/CVE-2023-33022.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-680 Integer Overflow to Buffer Overflow", + "cweId": "CWE-680" } ] } diff --git a/2023/33xxx/CVE-2023-33024.json b/2023/33xxx/CVE-2023-33024.json index 99c83915e20..e60e1a18fff 100644 --- a/2023/33xxx/CVE-2023-33024.json +++ b/2023/33xxx/CVE-2023-33024.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33031.json b/2023/33xxx/CVE-2023-33031.json index 9fb54d8dac8..3231ec34c3c 100644 --- a/2023/33xxx/CVE-2023-33031.json +++ b/2023/33xxx/CVE-2023-33031.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33041.json b/2023/33xxx/CVE-2023-33041.json index 4ef14beee93..a70741b4f22 100644 --- a/2023/33xxx/CVE-2023-33041.json +++ b/2023/33xxx/CVE-2023-33041.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2023/33xxx/CVE-2023-33042.json b/2023/33xxx/CVE-2023-33042.json index 0f9ae009ed3..df26cab942d 100644 --- a/2023/33xxx/CVE-2023-33042.json +++ b/2023/33xxx/CVE-2023-33042.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/33xxx/CVE-2023-33043.json b/2023/33xxx/CVE-2023-33043.json index 281f10e4946..237881bd1e8 100644 --- a/2023/33xxx/CVE-2023-33043.json +++ b/2023/33xxx/CVE-2023-33043.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2023/33xxx/CVE-2023-33044.json b/2023/33xxx/CVE-2023-33044.json index 23b9592298e..f8433dea8f8 100644 --- a/2023/33xxx/CVE-2023-33044.json +++ b/2023/33xxx/CVE-2023-33044.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-617 Reachable Assertion", + "cweId": "CWE-617" } ] } diff --git a/2023/33xxx/CVE-2023-33045.json b/2023/33xxx/CVE-2023-33045.json index a2c7f2d3e34..217b3d90e97 100644 --- a/2023/33xxx/CVE-2023-33045.json +++ b/2023/33xxx/CVE-2023-33045.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33047.json b/2023/33xxx/CVE-2023-33047.json index 91ac27e8045..8f5a7457993 100644 --- a/2023/33xxx/CVE-2023-33047.json +++ b/2023/33xxx/CVE-2023-33047.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33048.json b/2023/33xxx/CVE-2023-33048.json index 01517f782e8..3dd381b11ae 100644 --- a/2023/33xxx/CVE-2023-33048.json +++ b/2023/33xxx/CVE-2023-33048.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33053.json b/2023/33xxx/CVE-2023-33053.json index 9427f651782..83c900bdba3 100644 --- a/2023/33xxx/CVE-2023-33053.json +++ b/2023/33xxx/CVE-2023-33053.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-129 Improper Validation of Array Index", + "cweId": "CWE-129" } ] } diff --git a/2023/33xxx/CVE-2023-33054.json b/2023/33xxx/CVE-2023-33054.json index 29e9dd450da..7dec7972962 100644 --- a/2023/33xxx/CVE-2023-33054.json +++ b/2023/33xxx/CVE-2023-33054.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-287 Improper Authentication", + "cweId": "CWE-287" } ] } diff --git a/2023/33xxx/CVE-2023-33055.json b/2023/33xxx/CVE-2023-33055.json index b82597a0ceb..ab2c866643e 100644 --- a/2023/33xxx/CVE-2023-33055.json +++ b/2023/33xxx/CVE-2023-33055.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33056.json b/2023/33xxx/CVE-2023-33056.json index ccfed804658..1e1b627d726 100644 --- a/2023/33xxx/CVE-2023-33056.json +++ b/2023/33xxx/CVE-2023-33056.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-476 NULL Pointer Dereference", + "cweId": "CWE-476" } ] } diff --git a/2023/33xxx/CVE-2023-33059.json b/2023/33xxx/CVE-2023-33059.json index 9b55300398a..a22d59ca39b 100644 --- a/2023/33xxx/CVE-2023-33059.json +++ b/2023/33xxx/CVE-2023-33059.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-191 Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } diff --git a/2023/33xxx/CVE-2023-33061.json b/2023/33xxx/CVE-2023-33061.json index 6a74f6fb5a4..7f4996be1fa 100644 --- a/2023/33xxx/CVE-2023-33061.json +++ b/2023/33xxx/CVE-2023-33061.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33063.json b/2023/33xxx/CVE-2023-33063.json index ea8b50260f7..d440b5a624a 100644 --- a/2023/33xxx/CVE-2023-33063.json +++ b/2023/33xxx/CVE-2023-33063.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-416 Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2023/33xxx/CVE-2023-33070.json b/2023/33xxx/CVE-2023-33070.json index 5dc5f9904d1..f2ce112d4b1 100644 --- a/2023/33xxx/CVE-2023-33070.json +++ b/2023/33xxx/CVE-2023-33070.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-287 Improper Authentication", + "cweId": "CWE-287" } ] } diff --git a/2023/33xxx/CVE-2023-33071.json b/2023/33xxx/CVE-2023-33071.json index bce8dc0f84e..5e447176bb4 100644 --- a/2023/33xxx/CVE-2023-33071.json +++ b/2023/33xxx/CVE-2023-33071.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-284 Improper Access Control", + "cweId": "CWE-284" } ] } diff --git a/2023/33xxx/CVE-2023-33074.json b/2023/33xxx/CVE-2023-33074.json index fad9fccd342..98c516497a4 100644 --- a/2023/33xxx/CVE-2023-33074.json +++ b/2023/33xxx/CVE-2023-33074.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-416 Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2023/33xxx/CVE-2023-33079.json b/2023/33xxx/CVE-2023-33079.json index d716c164695..52a1fd193f1 100644 --- a/2023/33xxx/CVE-2023-33079.json +++ b/2023/33xxx/CVE-2023-33079.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-823 Use of Out-of-range Pointer Offset", + "cweId": "CWE-823" } ] } diff --git a/2023/33xxx/CVE-2023-33080.json b/2023/33xxx/CVE-2023-33080.json index 115c674f61c..8999af61e2e 100644 --- a/2023/33xxx/CVE-2023-33080.json +++ b/2023/33xxx/CVE-2023-33080.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33081.json b/2023/33xxx/CVE-2023-33081.json index e71e203718b..ed1410c2eb2 100644 --- a/2023/33xxx/CVE-2023-33081.json +++ b/2023/33xxx/CVE-2023-33081.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33082.json b/2023/33xxx/CVE-2023-33082.json index fb1cbf46256..d87aa4e1bed 100644 --- a/2023/33xxx/CVE-2023-33082.json +++ b/2023/33xxx/CVE-2023-33082.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33083.json b/2023/33xxx/CVE-2023-33083.json index 58c144a8462..773646fcf0c 100644 --- a/2023/33xxx/CVE-2023-33083.json +++ b/2023/33xxx/CVE-2023-33083.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33087.json b/2023/33xxx/CVE-2023-33087.json index 49c8a94d7cc..bc7403c98a3 100644 --- a/2023/33xxx/CVE-2023-33087.json +++ b/2023/33xxx/CVE-2023-33087.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33088.json b/2023/33xxx/CVE-2023-33088.json index 6093731bb94..95b64c99e52 100644 --- a/2023/33xxx/CVE-2023-33088.json +++ b/2023/33xxx/CVE-2023-33088.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-476 NULL Pointer Dereference", + "cweId": "CWE-476" } ] } diff --git a/2023/33xxx/CVE-2023-33089.json b/2023/33xxx/CVE-2023-33089.json index 895d04285b5..1284f40f070 100644 --- a/2023/33xxx/CVE-2023-33089.json +++ b/2023/33xxx/CVE-2023-33089.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-476 NULL Pointer Dereference", + "cweId": "CWE-476" } ] } diff --git a/2023/33xxx/CVE-2023-33092.json b/2023/33xxx/CVE-2023-33092.json index c00fc0994d1..8f061a9fcbb 100644 --- a/2023/33xxx/CVE-2023-33092.json +++ b/2023/33xxx/CVE-2023-33092.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" } ] } diff --git a/2023/33xxx/CVE-2023-33097.json b/2023/33xxx/CVE-2023-33097.json index ba676f18101..9b35d52b060 100644 --- a/2023/33xxx/CVE-2023-33097.json +++ b/2023/33xxx/CVE-2023-33097.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33098.json b/2023/33xxx/CVE-2023-33098.json index ba3cd2b7ff9..0f1bd109cd4 100644 --- a/2023/33xxx/CVE-2023-33098.json +++ b/2023/33xxx/CVE-2023-33098.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-126 Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33106.json b/2023/33xxx/CVE-2023-33106.json index 5e9924d9d48..3d37dc02ca2 100644 --- a/2023/33xxx/CVE-2023-33106.json +++ b/2023/33xxx/CVE-2023-33106.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-823 Use of Out-of-range Pointer Offset", + "cweId": "CWE-823" } ] } diff --git a/2023/33xxx/CVE-2023-33107.json b/2023/33xxx/CVE-2023-33107.json index 5f70d024f82..e72755ed9ca 100644 --- a/2023/33xxx/CVE-2023-33107.json +++ b/2023/33xxx/CVE-2023-33107.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-190 Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } diff --git a/2024/0xxx/CVE-2024-0157.json b/2024/0xxx/CVE-2024-0157.json index a2ca7abcb0c..34da0bfb64f 100644 --- a/2024/0xxx/CVE-2024-0157.json +++ b/2024/0xxx/CVE-2024-0157.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@dell.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Dell", + "product": { + "product_data": [ + { + "product_name": "Dell Storage Resource Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "N/A", + "version_value": "5.0.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.dell.com/support/kbdoc/en-nz/000224070/dsa-2024-143-dell-storage-resource-manager-srm-and-dell-storage-monitoring-and-reporting-smr-security-update-for-multiple-third-party-component-vulnerabilities", + "refsource": "MISC", + "name": "https://www.dell.com/support/kbdoc/en-nz/000224070/dsa-2024-143-dell-storage-resource-manager-srm-and-dell-storage-monitoring-and-reporting-smr-security-update-for-multiple-third-party-component-vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/22xxx/CVE-2024-22334.json b/2024/22xxx/CVE-2024-22334.json index 6a604ab1da3..a25d376c30e 100644 --- a/2024/22xxx/CVE-2024-22334.json +++ b/2024/22xxx/CVE-2024-22334.json @@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22334", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type, associated permissions of objects using that type may not be fully revoked. This could lead to incorrect reporting of permission configuration and unexpected privileges being retained. IBM X-Force ID: 279974." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732 Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0", + "version_value": "7.0.5.20" + }, + { + "version_affected": "<=", + "version_name": "7.1", + "version_value": "7.1.2.16" + }, + { + "version_affected": "<=", + "version_name": "7.2", + "version_value": "7.2.3.9" + }, + { + "version_affected": "<=", + "version_name": "7.3", + "version_value": "7.3.2.4" + } + ] + } + }, + { + "product_name": "DevOps Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "8.0", + "version_value": "8.0.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7148112", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7148112" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279974", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279974" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/22xxx/CVE-2024-22339.json b/2024/22xxx/CVE-2024-22339.json index 3735e69def1..7d06cd30b1a 100644 --- a/2024/22xxx/CVE-2024-22339.json +++ b/2024/22xxx/CVE-2024-22339.json @@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22339", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-532 Insertion of Sensitive Information into Log File", + "cweId": "CWE-532" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0", + "version_value": "7.0.5.20" + }, + { + "version_affected": "<=", + "version_name": "7.1", + "version_value": "7.1.2.16" + }, + { + "version_affected": "<=", + "version_name": "7.2", + "version_value": "7.2.3.9" + }, + { + "version_affected": "<=", + "version_name": "7.3", + "version_value": "7.3.2.4" + } + ] + } + }, + { + "product_name": "DevOps Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "8.0", + "version_value": "8.0.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7148113", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7148113" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279979", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279979" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/22xxx/CVE-2024-22358.json b/2024/22xxx/CVE-2024-22358.json index 3eed8d8580f..94a6b2cf786 100644 --- a/2024/22xxx/CVE-2024-22358.json +++ b/2024/22xxx/CVE-2024-22358.json @@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 280896." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-613 Insufficient Session Expiration", + "cweId": "CWE-613" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0", + "version_value": "7.0.5.20" + }, + { + "version_affected": "<=", + "version_name": "7.1", + "version_value": "7.1.2.16" + }, + { + "version_affected": "<=", + "version_name": "7.2", + "version_value": "7.2.3.9" + }, + { + "version_affected": "<=", + "version_name": "7.3", + "version_value": "7.3.2.4" + } + ] + } + }, + { + "product_name": "DevOps Deploy", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "8.0", + "version_value": "8.0.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7148109", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7148109" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/280896", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/280896" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3400.json b/2024/3xxx/CVE-2024-3400.json index c08d91e4b71..46d6d5b4508 100644 --- a/2024/3xxx/CVE-2024-3400.json +++ b/2024/3xxx/CVE-2024-3400.json @@ -45,19 +45,19 @@ "versions": [ { "status": "unaffected", - "version": "9.0" + "version": "9.0.0" }, { "status": "unaffected", - "version": "9.1" + "version": "9.1.0" }, { "status": "unaffected", - "version": "10.0" + "version": "10.0.0" }, { "status": "unaffected", - "version": "10.1" + "version": "10.1.0" }, { "changes": [ @@ -68,7 +68,7 @@ ], "lessThan": "10.2.9-h1", "status": "affected", - "version": "10.2", + "version": "10.2.0", "versionType": "custom" }, { @@ -80,7 +80,7 @@ ], "lessThan": "11.0.4-h1", "status": "affected", - "version": "11.0", + "version": "11.0.0", "versionType": "custom" }, { @@ -92,7 +92,7 @@ ], "lessThan": "11.1.2-h3", "status": "affected", - "version": "11.1", + "version": "11.1.0", "versionType": "custom" } ], @@ -228,14 +228,14 @@ "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", - "baseScore": 9.8, + "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", - "scope": "UNCHANGED", + "scope": "CHANGED", "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } ] diff --git a/2024/3xxx/CVE-2024-3697.json b/2024/3xxx/CVE-2024-3697.json index 4193fb51986..9b70bbb56cd 100644 --- a/2024/3xxx/CVE-2024-3697.json +++ b/2024/3xxx/CVE-2024-3697.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3697", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260484." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Campcodes House Rental Management System 1.0 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei manage_tenant.php. Durch Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "House Rental Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.260484", + "refsource": "MISC", + "name": "https://vuldb.com/?id.260484" + }, + { + "url": "https://vuldb.com/?ctiid.260484", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.260484" + }, + { + "url": "https://vuldb.com/?submit.314203", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.314203" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/House%20Rental%20Management%20System/House%20Rental%20Management%20System%20-%20vuln%203.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/House%20Rental%20Management%20System/House%20Rental%20Management%20System%20-%20vuln%203.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/3xxx/CVE-2024-3714.json b/2024/3xxx/CVE-2024-3714.json new file mode 100644 index 00000000000..000c9759c91 --- /dev/null +++ b/2024/3xxx/CVE-2024-3714.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3714", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3715.json b/2024/3xxx/CVE-2024-3715.json new file mode 100644 index 00000000000..e742a4ce980 --- /dev/null +++ b/2024/3xxx/CVE-2024-3715.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3715", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3717.json b/2024/3xxx/CVE-2024-3717.json new file mode 100644 index 00000000000..2a97bf14baf --- /dev/null +++ b/2024/3xxx/CVE-2024-3717.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3717", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file