From 930ccdc7ec145c604c428066eb16dbcd89955910 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 2 Dec 2024 21:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/9xxx/CVE-2018-9376.json | 91 +++++++++++++++++++++++++++++++--- 2024/12xxx/CVE-2024-12058.json | 18 +++++++ 2024/12xxx/CVE-2024-12059.json | 18 +++++++ 2024/12xxx/CVE-2024-12060.json | 18 +++++++ 2024/12xxx/CVE-2024-12061.json | 18 +++++++ 2024/12xxx/CVE-2024-12062.json | 18 +++++++ 2024/39xxx/CVE-2024-39890.json | 70 +++++++++++++++++++++++--- 2024/49xxx/CVE-2024-49581.json | 71 ++++++++++++++++++++++++-- 8 files changed, 304 insertions(+), 18 deletions(-) create mode 100644 2024/12xxx/CVE-2024-12058.json create mode 100644 2024/12xxx/CVE-2024-12059.json create mode 100644 2024/12xxx/CVE-2024-12060.json create mode 100644 2024/12xxx/CVE-2024-12061.json create mode 100644 2024/12xxx/CVE-2024-12062.json diff --git a/2018/9xxx/CVE-2018-9376.json b/2018/9xxx/CVE-2018-9376.json index b4a073b9cff..c6f27c2b657 100644 --- a/2018/9xxx/CVE-2018-9376.json +++ b/2018/9xxx/CVE-2018-9376.json @@ -1,18 +1,93 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-9376", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2018-9376", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In rpc_msg_handler and related handlers of\u00a0drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds\u00a0write due to an incorrect bounds check. This could lead to local escalation\u00a0of privilege with System execution privileges needed. User interaction is\u00a0not needed for exploitation." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6" + }, + { + "version_affected": "=", + "version_value": "6.0.1" + }, + { + "version_affected": "=", + "version_value": "7" + }, + { + "version_affected": "=", + "version_value": "7.1.1" + }, + { + "version_affected": "=", + "version_value": "7.1.2" + }, + { + "version_affected": "=", + "version_value": "8" + }, + { + "version_affected": "=", + "version_value": "8.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", + "refsource": "MISC", + "name": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12058.json b/2024/12xxx/CVE-2024-12058.json new file mode 100644 index 00000000000..3356603fdcd --- /dev/null +++ b/2024/12xxx/CVE-2024-12058.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12058", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12059.json b/2024/12xxx/CVE-2024-12059.json new file mode 100644 index 00000000000..5688c97505e --- /dev/null +++ b/2024/12xxx/CVE-2024-12059.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12059", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12060.json b/2024/12xxx/CVE-2024-12060.json new file mode 100644 index 00000000000..47b46c91141 --- /dev/null +++ b/2024/12xxx/CVE-2024-12060.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12060", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12061.json b/2024/12xxx/CVE-2024-12061.json new file mode 100644 index 00000000000..4c5b7794f5f --- /dev/null +++ b/2024/12xxx/CVE-2024-12061.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12061", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12062.json b/2024/12xxx/CVE-2024-12062.json new file mode 100644 index 00000000000..4a4e27bf89b --- /dev/null +++ b/2024/12xxx/CVE-2024-12062.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12062", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/39xxx/CVE-2024-39890.json b/2024/39xxx/CVE-2024-39890.json index 4558759413c..df4bec9694b 100644 --- a/2024/39xxx/CVE-2024-39890.json +++ b/2024/39xxx/CVE-2024-39890.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-39890", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-39890", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "refsource": "MISC", + "name": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2024/49xxx/CVE-2024-49581.json b/2024/49xxx/CVE-2024-49581.json index f840f36e7c2..3d9a6075147 100644 --- a/2024/49xxx/CVE-2024-49581.json +++ b/2024/49xxx/CVE-2024-49581.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-49581", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve-coordination@palantir.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users. \nThe affected service have been patched and automatically deployed to all Apollo-managed Foundry instances." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "The product does not perform an authorization check when an actor attempts to access a resource or perform an action.", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palantir", + "product": { + "product_data": [ + { + "product_name": "com.palantir.gotham:external-artifacts", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "*", + "version_value": "105.115.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://palantir.safebase.us/?tcuUid=b60db1ee-4b1a-475d-848e-c5a670a0da16", + "refsource": "MISC", + "name": "https://palantir.safebase.us/?tcuUid=b60db1ee-4b1a-475d-848e-c5a670a0da16" + } + ] + }, + "source": { + "defect": [ + "PLTRSEC-2024-47" + ], + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "baseSeverity": "MEDIUM", + "baseScore": 6.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] }