diff --git a/2021/31xxx/CVE-2021-31573.json b/2021/31xxx/CVE-2021-31573.json index 46c45c1505a..a0c1b95fd26 100644 --- a/2021/31xxx/CVE-2021-31573.json +++ b/2021/31xxx/CVE-2021-31573.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31573", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-82" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234." } ] } diff --git a/2021/31xxx/CVE-2021-31574.json b/2021/31xxx/CVE-2021-31574.json index 9b91efb0d88..e16f1161813 100644 --- a/2021/31xxx/CVE-2021-31574.json +++ b/2021/31xxx/CVE-2021-31574.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31574", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-82" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234." } ] } diff --git a/2021/31xxx/CVE-2021-31575.json b/2021/31xxx/CVE-2021-31575.json index f65e4acac51..a76f3cda46e 100644 --- a/2021/31xxx/CVE-2021-31575.json +++ b/2021/31xxx/CVE-2021-31575.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31575", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-82" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234." } ] } diff --git a/2021/31xxx/CVE-2021-31576.json b/2021/31xxx/CVE-2021-31576.json index 7b38747713c..00e6b0b810e 100644 --- a/2021/31xxx/CVE-2021-31576.json +++ b/2021/31xxx/CVE-2021-31576.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31576", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-64" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Boa, there is a possible information disclosure due to a missing permission check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241." } ] } diff --git a/2021/31xxx/CVE-2021-31577.json b/2021/31xxx/CVE-2021-31577.json index b553b23f4ce..5104fdba003 100644 --- a/2021/31xxx/CVE-2021-31577.json +++ b/2021/31xxx/CVE-2021-31577.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31577", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-64" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Boa, there is a possible escalation of privilege due to a missing permission check. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241." } ] } diff --git a/2021/31xxx/CVE-2021-31578.json b/2021/31xxx/CVE-2021-31578.json index 4fa6bb3adb8..2111a2e7405 100644 --- a/2021/31xxx/CVE-2021-31578.json +++ b/2021/31xxx/CVE-2021-31578.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-31578", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mediatek.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MediaTek, Inc.", + "product": { + "product_data": [ + { + "product_name": "EN7528, EN7580", + "version": { + "version_data": [ + { + "version_value": "Linux SDK versions less than TLM7.3.275.0-64" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://corp.mediatek.com/product-security-acknowledgements", + "url": "https://corp.mediatek.com/product-security-acknowledgements" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241." } ] } diff --git a/2022/48xxx/CVE-2022-48166.json b/2022/48xxx/CVE-2022-48166.json index 38d6457149e..cec7b3e1c77 100644 --- a/2022/48xxx/CVE-2022-48166.json +++ b/2022/48xxx/CVE-2022-48166.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-48166", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-48166", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.google.com/document/d/1zvbuu3Hkk3CAkojAivlUESvtHblHJNLJdpGOoNtk-Vo/edit?usp=sharing", + "refsource": "MISC", + "name": "https://docs.google.com/document/d/1zvbuu3Hkk3CAkojAivlUESvtHblHJNLJdpGOoNtk-Vo/edit?usp=sharing" + }, + { + "refsource": "MISC", + "name": "https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK%20WN530HG4.md", + "url": "https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK%20WN530HG4.md" } ] } diff --git a/2023/0xxx/CVE-2023-0692.json b/2023/0xxx/CVE-2023-0692.json new file mode 100644 index 00000000000..4108c075497 --- /dev/null +++ b/2023/0xxx/CVE-2023-0692.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-0692", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0693.json b/2023/0xxx/CVE-2023-0693.json new file mode 100644 index 00000000000..b7a33bfe632 --- /dev/null +++ b/2023/0xxx/CVE-2023-0693.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-0693", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0694.json b/2023/0xxx/CVE-2023-0694.json new file mode 100644 index 00000000000..98de686743e --- /dev/null +++ b/2023/0xxx/CVE-2023-0694.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-0694", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0695.json b/2023/0xxx/CVE-2023-0695.json new file mode 100644 index 00000000000..5e66ce2355c --- /dev/null +++ b/2023/0xxx/CVE-2023-0695.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-0695", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/23xxx/CVE-2023-23333.json b/2023/23xxx/CVE-2023-23333.json index 1a9ba8d42a2..469a832ab30 100644 --- a/2023/23xxx/CVE-2023-23333.json +++ b/2023/23xxx/CVE-2023-23333.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-23333", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-23333", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Timorlover/CVE-2023-23333", + "url": "https://github.com/Timorlover/CVE-2023-23333" } ] } diff --git a/2023/24xxx/CVE-2023-24019.json b/2023/24xxx/CVE-2023-24019.json new file mode 100644 index 00000000000..d6fbcd703dd --- /dev/null +++ b/2023/24xxx/CVE-2023-24019.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-24019", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/25xxx/CVE-2023-25504.json b/2023/25xxx/CVE-2023-25504.json new file mode 100644 index 00000000000..76a3dfeb499 --- /dev/null +++ b/2023/25xxx/CVE-2023-25504.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-25504", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file