diff --git a/2020/36xxx/CVE-2020-36771.json b/2020/36xxx/CVE-2020-36771.json index 83fed2b1a7a..a95cafa3ecf 100644 --- a/2020/36xxx/CVE-2020-36771.json +++ b/2020/36xxx/CVE-2020-36771.json @@ -75,6 +75,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/24", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/24" + }, + { + "url": "http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html" } ] }, diff --git a/2020/36xxx/CVE-2020-36772.json b/2020/36xxx/CVE-2020-36772.json index d1ad0d83020..57a9ba72136 100644 --- a/2020/36xxx/CVE-2020-36772.json +++ b/2020/36xxx/CVE-2020-36772.json @@ -75,6 +75,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/25" + }, + { + "url": "http://packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.html" } ] }, diff --git a/2022/35xxx/CVE-2022-35866.json b/2022/35xxx/CVE-2022-35866.json index dba3a00d29b..af220fec6e0 100644 --- a/2022/35xxx/CVE-2022-35866.json +++ b/2022/35xxx/CVE-2022-35866.json @@ -57,6 +57,16 @@ "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-959/", "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-959/" + }, + { + "refsource": "FULLDISC", + "name": "20240126 [Full Disclosure] CVE-2024-22901: Default MYSQL Credentials in Vinchin Backup & Recovery v7.2 and Earlier", + "url": "http://seclists.org/fulldisclosure/2024/Jan/30" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/176794/Vinchin-Backup-And-Recovery-7.2-Default-MySQL-Credentials.html", + "url": "http://packetstormsecurity.com/files/176794/Vinchin-Backup-And-Recovery-7.2-Default-MySQL-Credentials.html" } ] }, diff --git a/2023/22xxx/CVE-2023-22527.json b/2023/22xxx/CVE-2023-22527.json index 8c36c9b3061..4f23792eb64 100644 --- a/2023/22xxx/CVE-2023-22527.json +++ b/2023/22xxx/CVE-2023-22527.json @@ -179,6 +179,11 @@ "url": "https://jira.atlassian.com/browse/CONFSERVER-93833", "refsource": "MISC", "name": "https://jira.atlassian.com/browse/CONFSERVER-93833" + }, + { + "url": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html" } ] }, diff --git a/2023/38xxx/CVE-2023-38039.json b/2023/38xxx/CVE-2023-38039.json index 3072d0f0170..bd80985d11c 100644 --- a/2023/38xxx/CVE-2023-38039.json +++ b/2023/38xxx/CVE-2023-38039.json @@ -127,6 +127,21 @@ "url": "https://support.apple.com/kb/HT214058", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214058" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/38xxx/CVE-2023-38545.json b/2023/38xxx/CVE-2023-38545.json index ff11abcfe7a..bdb2f352fa2 100644 --- a/2023/38xxx/CVE-2023-38545.json +++ b/2023/38xxx/CVE-2023-38545.json @@ -107,6 +107,21 @@ "url": "https://support.apple.com/kb/HT214058", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214058" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/38xxx/CVE-2023-38546.json b/2023/38xxx/CVE-2023-38546.json index 90e5ab21890..33b6c085597 100644 --- a/2023/38xxx/CVE-2023-38546.json +++ b/2023/38xxx/CVE-2023-38546.json @@ -97,6 +97,21 @@ "url": "https://support.apple.com/kb/HT214058", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214058" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/40xxx/CVE-2023-40528.json b/2023/40xxx/CVE-2023-40528.json index 0646c1f72ad..5ff475c0014 100644 --- a/2023/40xxx/CVE-2023-40528.json +++ b/2023/40xxx/CVE-2023-40528.json @@ -134,6 +134,11 @@ "url": "https://support.apple.com/kb/HT213936", "refsource": "MISC", "name": "https://support.apple.com/kb/HT213936" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" } ] } diff --git a/2023/42xxx/CVE-2023-42887.json b/2023/42xxx/CVE-2023-42887.json index df55bd067f8..f6bcd879158 100644 --- a/2023/42xxx/CVE-2023-42887.json +++ b/2023/42xxx/CVE-2023-42887.json @@ -68,6 +68,11 @@ "url": "https://support.apple.com/kb/HT214036", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214036" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" } ] } diff --git a/2023/42xxx/CVE-2023-42888.json b/2023/42xxx/CVE-2023-42888.json index 928e765dae9..5b18a739f3f 100644 --- a/2023/42xxx/CVE-2023-42888.json +++ b/2023/42xxx/CVE-2023-42888.json @@ -122,6 +122,21 @@ "url": "https://support.apple.com/kb/HT214041", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214041" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/42xxx/CVE-2023-42915.json b/2023/42xxx/CVE-2023-42915.json index ab60bbcd0d3..062b8a7309e 100644 --- a/2023/42xxx/CVE-2023-42915.json +++ b/2023/42xxx/CVE-2023-42915.json @@ -90,6 +90,21 @@ "url": "https://support.apple.com/kb/HT214036", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214036" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/42xxx/CVE-2023-42916.json b/2023/42xxx/CVE-2023-42916.json index 3ee59e252fd..ae4e4fb94fb 100644 --- a/2023/42xxx/CVE-2023-42916.json +++ b/2023/42xxx/CVE-2023-42916.json @@ -147,6 +147,11 @@ "url": "https://security.gentoo.org/glsa/202401-04", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202401-04" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/35", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/35" } ] } diff --git a/2023/42xxx/CVE-2023-42917.json b/2023/42xxx/CVE-2023-42917.json index 2872ad1bf68..8bb5f24ad00 100644 --- a/2023/42xxx/CVE-2023-42917.json +++ b/2023/42xxx/CVE-2023-42917.json @@ -147,6 +147,11 @@ "url": "https://security.gentoo.org/glsa/202401-04", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202401-04" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/35", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/35" } ] } diff --git a/2023/42xxx/CVE-2023-42935.json b/2023/42xxx/CVE-2023-42935.json index 66389c83f8d..876b0158a7b 100644 --- a/2023/42xxx/CVE-2023-42935.json +++ b/2023/42xxx/CVE-2023-42935.json @@ -63,6 +63,11 @@ "url": "https://support.apple.com/kb/HT213984", "refsource": "MISC", "name": "https://support.apple.com/kb/HT213984" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" } ] } diff --git a/2023/42xxx/CVE-2023-42937.json b/2023/42xxx/CVE-2023-42937.json index 820db9a52a6..bb0e283f8f2 100644 --- a/2023/42xxx/CVE-2023-42937.json +++ b/2023/42xxx/CVE-2023-42937.json @@ -122,6 +122,21 @@ "url": "https://support.apple.com/kb/HT214041", "refsource": "MISC", "name": "https://support.apple.com/kb/HT214041" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2023/45xxx/CVE-2023-45779.json b/2023/45xxx/CVE-2023-45779.json index 3d78810609f..9ac530a2308 100644 --- a/2023/45xxx/CVE-2023-45779.json +++ b/2023/45xxx/CVE-2023-45779.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In the APEX module framework of Android, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" + "value": "In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the following links (which go live Jan 30th, 2024):\n * https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html \n * https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-wmcc-g67r-9962 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-wmcc-g67r-9962 \n * https://www.fairphone.com/en/2023/12/22/security-update-apex-modules-vulnerability-fixed https://www.fairphone.com/en/2023/12/22/security-update-apex-modules-vulnerability-fixed \n\n\n" } ] }, diff --git a/2023/6xxx/CVE-2023-6112.json b/2023/6xxx/CVE-2023-6112.json index eb739d2366b..020322a6f96 100644 --- a/2023/6xxx/CVE-2023-6112.json +++ b/2023/6xxx/CVE-2023-6112.json @@ -93,6 +93,11 @@ "url": "https://security.gentoo.org/glsa/202312-07", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202312-07" + }, + { + "url": "http://packetstormsecurity.com/files/176721/Chrome-content-NavigationURLLoaderImpl-FallbackToNonInterceptedRequest-Heap-Use-After-Free.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/176721/Chrome-content-NavigationURLLoaderImpl-FallbackToNonInterceptedRequest-Heap-Use-After-Free.html" } ] } diff --git a/2024/0xxx/CVE-2024-0937.json b/2024/0xxx/CVE-2024-0937.json index 5f4d0f2b37a..5f80b1bd3f7 100644 --- a/2024/0xxx/CVE-2024-0937.json +++ b/2024/0xxx/CVE-2024-0937.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0937", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Affected by this issue is the function load_from_file of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252182 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early and confirmed immediately the existence of the issue. A patch is planned to be released in February 2024." + }, + { + "lang": "deu", + "value": "Eine kritische Schwachstelle wurde in van_der_Schaar LAB synthcity 0.2.9 entdeckt. Dies betrifft die Funktion load_from_file der Komponente PKL File Handler. Durch das Manipulieren mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "van_der_Schaar LAB", + "product": { + "product_data": [ + { + "product_name": "synthcity", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.2.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.252182", + "refsource": "MISC", + "name": "https://vuldb.com/?id.252182" + }, + { + "url": "https://vuldb.com/?ctiid.252182", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.252182" + }, + { + "url": "https://github.com/bayuncao/vul-cve-6", + "refsource": "MISC", + "name": "https://github.com/bayuncao/vul-cve-6" + }, + { + "url": "https://github.com/bayuncao/vul-cve-6/blob/main/poc.py", + "refsource": "MISC", + "name": "https://github.com/bayuncao/vul-cve-6/blob/main/poc.py" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "bayuncao (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2024/0xxx/CVE-2024-0938.json b/2024/0xxx/CVE-2024-0938.json index 52ae01444cd..77465477c51 100644 --- a/2024/0xxx/CVE-2024-0938.json +++ b/2024/0xxx/CVE-2024-0938.json @@ -1,17 +1,140 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0938", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252183. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Tongda OA 2017 bis 11.9 gefunden. Dabei betrifft es einen unbekannter Codeteil der Datei /general/email/inbox/delete_webmail.php. Durch Manipulieren des Arguments WEBBODY_ID_STR mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tongda", + "product": { + "product_data": [ + { + "product_name": "OA 2017", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.0" + }, + { + "version_affected": "=", + "version_value": "11.1" + }, + { + "version_affected": "=", + "version_value": "11.2" + }, + { + "version_affected": "=", + "version_value": "11.3" + }, + { + "version_affected": "=", + "version_value": "11.4" + }, + { + "version_affected": "=", + "version_value": "11.5" + }, + { + "version_affected": "=", + "version_value": "11.6" + }, + { + "version_affected": "=", + "version_value": "11.7" + }, + { + "version_affected": "=", + "version_value": "11.8" + }, + { + "version_affected": "=", + "version_value": "11.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.252183", + "refsource": "MISC", + "name": "https://vuldb.com/?id.252183" + }, + { + "url": "https://vuldb.com/?ctiid.252183", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.252183" + }, + { + "url": "https://github.com/Yu1e/vuls/blob/main/SQL%20injection%20vulnerability%20exists%20in%20Tongda%20OA.md", + "refsource": "MISC", + "name": "https://github.com/Yu1e/vuls/blob/main/SQL%20injection%20vulnerability%20exists%20in%20Tongda%20OA.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "yu1e (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.5, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.2, + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/0xxx/CVE-2024-0958.json b/2024/0xxx/CVE-2024-0958.json new file mode 100644 index 00000000000..738021865f5 --- /dev/null +++ b/2024/0xxx/CVE-2024-0958.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0958", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0959.json b/2024/0xxx/CVE-2024-0959.json new file mode 100644 index 00000000000..bb51e092e22 --- /dev/null +++ b/2024/0xxx/CVE-2024-0959.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0959", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0960.json b/2024/0xxx/CVE-2024-0960.json new file mode 100644 index 00000000000..7c2bfc0da7f --- /dev/null +++ b/2024/0xxx/CVE-2024-0960.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0960", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0961.json b/2024/0xxx/CVE-2024-0961.json new file mode 100644 index 00000000000..b7a59c1d3e5 --- /dev/null +++ b/2024/0xxx/CVE-2024-0961.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0961", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0962.json b/2024/0xxx/CVE-2024-0962.json new file mode 100644 index 00000000000..b96ed529550 --- /dev/null +++ b/2024/0xxx/CVE-2024-0962.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0962", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0963.json b/2024/0xxx/CVE-2024-0963.json new file mode 100644 index 00000000000..62a0dd28de4 --- /dev/null +++ b/2024/0xxx/CVE-2024-0963.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0963", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0964.json b/2024/0xxx/CVE-2024-0964.json new file mode 100644 index 00000000000..74d7ea381c0 --- /dev/null +++ b/2024/0xxx/CVE-2024-0964.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0964", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0965.json b/2024/0xxx/CVE-2024-0965.json new file mode 100644 index 00000000000..4a36d0a1282 --- /dev/null +++ b/2024/0xxx/CVE-2024-0965.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0965", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0966.json b/2024/0xxx/CVE-2024-0966.json new file mode 100644 index 00000000000..8936bba5c37 --- /dev/null +++ b/2024/0xxx/CVE-2024-0966.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0966", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/20xxx/CVE-2024-20253.json b/2024/20xxx/CVE-2024-20253.json index 96c4499cc94..146a46f1f66 100644 --- a/2024/20xxx/CVE-2024-20253.json +++ b/2024/20xxx/CVE-2024-20253.json @@ -1,17 +1,1191 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Unified Contact Center Enterprise", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "Cisco Unity Connection", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "14" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + } + ] + } + }, + { + "product_name": "Cisco Unified Communications Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7a" + }, + { + "version_affected": "=", + "version_value": "14" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + } + ] + } + }, + { + "product_name": "Cisco Unified Contact Center Express", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.5(1)" + }, + { + "version_affected": "=", + "version_value": "9.0(2)SU3ES04" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU1ES04" + }, + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1ES10" + }, + { + "version_affected": "=", + "version_value": "10.6(1)" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU3" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU2" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU3ES03" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU2ES04" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU3ES02" + }, + { + "version_affected": "=", + "version_value": "10.6(1)SU3ES01" + }, + { + "version_affected": "=", + "version_value": "11.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "11.0(1)SU1ES03" + }, + { + "version_affected": "=", + "version_value": "11.0(1)SU1ES02" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1ES02" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1ES01" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1ES03" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES01" + }, + { + "version_affected": "=", + "version_value": "12.0(1)" + }, + { + "version_affected": "=", + "version_value": "12.0(1)ES01" + }, + { + "version_affected": "=", + "version_value": "12.0(1)ES03" + }, + { + "version_affected": "=", + "version_value": "12.0(1)ES04" + }, + { + "version_affected": "=", + "version_value": "12.0(1)ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU01_ES03" + }, + { + "version_affected": "=", + "version_value": "12.5(1)ES03" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU01_ES01" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU02_ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU01_ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU02_ES03" + }, + { + "version_affected": "=", + "version_value": "12.5(1)ES01" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU02_ES01" + }, + { + "version_affected": "=", + "version_value": "12.5(1)ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU03_ES01" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU02_ES04" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU03_ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU03_ES03" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU03_ES04" + }, + { + "version_affected": "=", + "version_value": "11.6(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(2)" + }, + { + "version_affected": "=", + "version_value": "11.6(1)ES01" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES06" + }, + { + "version_affected": "=", + "version_value": "11.6(1)ES02" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES01" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES03" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES07" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES08" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES02" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES05" + }, + { + "version_affected": "=", + "version_value": "11.6(2)ES04" + } + ] + } + }, + { + "product_name": "Cisco Unified Communications Manager IM and Presence Service", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)" + }, + { + "version_affected": "=", + "version_value": "10.5(2a)" + }, + { + "version_affected": "=", + "version_value": "10.5(2b)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU3" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3a" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU5a" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU8" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU9" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU10" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU11" + }, + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "14" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + }, + { + "version_affected": "=", + "version_value": "14SU2a" + }, + { + "version_affected": "=", + "version_value": "10.0(1)" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU2" + } + ] + } + }, + { + "product_name": "Cisco Virtualized Voice Browser", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES29" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES32" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES43" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES54" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES27" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES36" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES32" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES29" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES36" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES43" + }, + { + "version_affected": "=", + "version_value": "11.5(1)_ES53" + }, + { + "version_affected": "=", + "version_value": "11.5(1)ES27" + }, + { + "version_affected": "=", + "version_value": "11.6(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES82" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES22" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES81" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES87" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES84" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES85" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES83" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES80" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES86" + }, + { + "version_affected": "=", + "version_value": "11.6(1)_ES88" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES04" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES07" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES08" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES03" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES06" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES09" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES14" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES15" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU_ES01" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES11" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES12" + }, + { + "version_affected": "=", + "version_value": "12.5(2)_ET" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_SU_ES02" + }, + { + "version_affected": "=", + "version_value": "12.5(1)_ES10" + }, + { + "version_affected": "=", + "version_value": "12.0(1)" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES02" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES01" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES06" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES07" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES05" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES04" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES03" + }, + { + "version_affected": "=", + "version_value": "12.0(1)_ES08" + }, + { + "version_affected": "=", + "version_value": "12.6(1)" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES04" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES03" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES09" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES06" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES08" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES05" + }, + { + "version_affected": "=", + "version_value": "12.6(2)_ES03" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES02" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES01" + }, + { + "version_affected": "=", + "version_value": "12.6(2)" + }, + { + "version_affected": "=", + "version_value": "12.6(2)_ET01" + }, + { + "version_affected": "=", + "version_value": "12.6(2)_ES02" + }, + { + "version_affected": "=", + "version_value": "12.6(2)_ES01" + }, + { + "version_affected": "=", + "version_value": "12.6(1)_ES07" + } + ] + } + }, + { + "product_name": "Cisco Packaged Contact Center Enterprise", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)" + }, + { + "version_affected": "=", + "version_value": "10.5(1)_ES7" + }, + { + "version_affected": "=", + "version_value": "10.5(2)_ES8" + }, + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.0(2)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(1)" + }, + { + "version_affected": "=", + "version_value": "11.6(2)" + }, + { + "version_affected": "=", + "version_value": "12.0(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(2)" + }, + { + "version_affected": "=", + "version_value": "12.6(1)" + }, + { + "version_affected": "=", + "version_value": "12.6(2)" + } + ] + } + }, + { + "product_name": "Cisco Unified Communications Manager / Cisco Unity Connection", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.5(2)SU10" + }, + { + "version_affected": "=", + "version_value": "10.5(1)" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(1)SU1a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU1" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU3" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU5" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU6" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU7" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU8" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU9" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU2a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU3a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU4a" + }, + { + "version_affected": "=", + "version_value": "10.5(2)SU6a" + }, + { + "version_affected": "=", + "version_value": "11.0(1)" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)SU1" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)SU2" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)SU3" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)SU3a" + }, + { + "version_affected": "=", + "version_value": "11.0(1a)SU4" + }, + { + "version_affected": "=", + "version_value": "11.0.1" + }, + { + "version_affected": "=", + "version_value": "11.0.2" + }, + { + "version_affected": "=", + "version_value": "11.0.5" + }, + { + "version_affected": "=", + "version_value": "11.5(1)" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3a" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU3b" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU8" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU9" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU10" + }, + { + "version_affected": "=", + "version_value": "11.5(1)SU11" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU2" + }, + { + "version_affected": "=", + "version_value": "10.0(1)" + }, + { + "version_affected": "=", + "version_value": "10.0(1)SU1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm" + } + ] + }, + "source": { + "advisory": "cisco-sa-cucm-rce-bWNzQcUm", + "discovery": "EXTERNAL", + "defects": [ + "CSCwe18830", + "CSCwe18773", + "CSCwe18840", + "CSCwd64292", + "CSCwd64245", + "CSCwd64276" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", + "baseScore": 9.9, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" } ] } diff --git a/2024/20xxx/CVE-2024-20263.json b/2024/20xxx/CVE-2024-20263.json index a54c2b3c3a3..f62b9efe26e 100644 --- a/2024/20xxx/CVE-2024-20263.json +++ b/2024/20xxx/CVE-2024-20263.json @@ -1,17 +1,226 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Small Business Smart and Managed Switches", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.0.0.73" + }, + { + "version_affected": "=", + "version_value": "2.1.0.63" + }, + { + "version_affected": "=", + "version_value": "2.2.0.63" + }, + { + "version_affected": "=", + "version_value": "2.2.0.66" + }, + { + "version_affected": "=", + "version_value": "2.2.5.68" + }, + { + "version_affected": "=", + "version_value": "2.2.7.07" + }, + { + "version_affected": "=", + "version_value": "2.2.8.04" + }, + { + "version_affected": "=", + "version_value": "2.3.0.130" + }, + { + "version_affected": "=", + "version_value": "2.3.5.63" + }, + { + "version_affected": "=", + "version_value": "2.4.0.91" + }, + { + "version_affected": "=", + "version_value": "2.4.0.94" + }, + { + "version_affected": "=", + "version_value": "2.4.5.71" + }, + { + "version_affected": "=", + "version_value": "2.5.0.78" + }, + { + "version_affected": "=", + "version_value": "2.5.0.79" + }, + { + "version_affected": "=", + "version_value": "2.5.0.82" + }, + { + "version_affected": "=", + "version_value": "2.5.0.83" + }, + { + "version_affected": "=", + "version_value": "2.5.0.89" + }, + { + "version_affected": "=", + "version_value": "2.5.0.90" + }, + { + "version_affected": "=", + "version_value": "2.5.0.92" + }, + { + "version_affected": "=", + "version_value": "2.5.5.47" + }, + { + "version_affected": "=", + "version_value": "2.5.7.85" + }, + { + "version_affected": "=", + "version_value": "2.5.8.12" + }, + { + "version_affected": "=", + "version_value": "2.5.8.15" + }, + { + "version_affected": "=", + "version_value": "2.5.9.13" + }, + { + "version_affected": "=", + "version_value": "2.5.9.15" + }, + { + "version_affected": "=", + "version_value": "2.5.9.16" + }, + { + "version_affected": "=", + "version_value": "3.0.0.61" + }, + { + "version_affected": "=", + "version_value": "3.0.0.69" + }, + { + "version_affected": "=", + "version_value": "3.1.0.57" + }, + { + "version_affected": "=", + "version_value": "3.1.1.7" + }, + { + "version_affected": "=", + "version_value": "3.2.0.84" + }, + { + "version_affected": "=", + "version_value": "3.2.0.89" + }, + { + "version_affected": "=", + "version_value": "3.2.1.1" + }, + { + "version_affected": "=", + "version_value": "3.3.0.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk" + } + ] + }, + "source": { + "advisory": "cisco-sa-sb-bus-acl-bypass-5zn9hNJk", + "discovery": "EXTERNAL", + "defects": [ + "CSCwf48882", + "CSCwh68993" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 5.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/20xxx/CVE-2024-20305.json b/2024/20xxx/CVE-2024-20305.json index 5f54bdf2734..e4c21c0551e 100644 --- a/2024/20xxx/CVE-2024-20305.json +++ b/2024/20xxx/CVE-2024-20305.json @@ -1,17 +1,169 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-20305", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cisco", + "product": { + "product_data": [ + { + "product_name": "Cisco Unity Connection", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.0(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU1" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU2" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU3" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU4" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU5" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU6" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU7" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU8" + }, + { + "version_affected": "=", + "version_value": "12.5(1)SU8a" + }, + { + "version_affected": "=", + "version_value": "14" + }, + { + "version_affected": "=", + "version_value": "14SU1" + }, + { + "version_affected": "=", + "version_value": "14SU2" + }, + { + "version_affected": "=", + "version_value": "14SU3" + }, + { + "version_affected": "=", + "version_value": "14SU3a" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-xss-9TFuu5MS", + "refsource": "MISC", + "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-xss-9TFuu5MS" + } + ] + }, + "source": { + "advisory": "cisco-sa-cuc-xss-9TFuu5MS", + "discovery": "INTERNAL", + "defects": [ + "CSCwh63111" + ] + }, + "exploit": [ + { + "lang": "en", + "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" } ] } diff --git a/2024/21xxx/CVE-2024-21336.json b/2024/21xxx/CVE-2024-21336.json index b6a9a3bbac8..b5e96fd601a 100644 --- a/2024/21xxx/CVE-2024-21336.json +++ b/2024/21xxx/CVE-2024-21336.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-21336", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@microsoft.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge (Chromium-based)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.0.0", + "version_value": "121.0.2277.83" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21336", + "refsource": "MISC", + "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21336" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "LOW", + "baseScore": 2.5, + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C" } ] } diff --git a/2024/23xxx/CVE-2024-23203.json b/2024/23xxx/CVE-2024-23203.json index c79ee27d7b1..ca04271b807 100644 --- a/2024/23xxx/CVE-2024-23203.json +++ b/2024/23xxx/CVE-2024-23203.json @@ -75,6 +75,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23204.json b/2024/23xxx/CVE-2024-23204.json index a0bcb8fff59..36c85406d8a 100644 --- a/2024/23xxx/CVE-2024-23204.json +++ b/2024/23xxx/CVE-2024-23204.json @@ -92,6 +92,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23206.json b/2024/23xxx/CVE-2024-23206.json index a72d4082131..783d457e795 100644 --- a/2024/23xxx/CVE-2024-23206.json +++ b/2024/23xxx/CVE-2024-23206.json @@ -136,6 +136,21 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/27", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/27" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" } ] } diff --git a/2024/23xxx/CVE-2024-23207.json b/2024/23xxx/CVE-2024-23207.json index 2be184250d6..132a6a13446 100644 --- a/2024/23xxx/CVE-2024-23207.json +++ b/2024/23xxx/CVE-2024-23207.json @@ -102,6 +102,26 @@ "url": "https://support.apple.com/en-us/HT214057", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214057" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2024/23xxx/CVE-2024-23208.json b/2024/23xxx/CVE-2024-23208.json index 5e817e8e204..7f00f9deaf8 100644 --- a/2024/23xxx/CVE-2024-23208.json +++ b/2024/23xxx/CVE-2024-23208.json @@ -109,6 +109,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23209.json b/2024/23xxx/CVE-2024-23209.json index b978bb529ab..ec8fec4b9d2 100644 --- a/2024/23xxx/CVE-2024-23209.json +++ b/2024/23xxx/CVE-2024-23209.json @@ -58,6 +58,11 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23210.json b/2024/23xxx/CVE-2024-23210.json index 5fe7e6ded90..85f9d0575a1 100644 --- a/2024/23xxx/CVE-2024-23210.json +++ b/2024/23xxx/CVE-2024-23210.json @@ -109,6 +109,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23211.json b/2024/23xxx/CVE-2024-23211.json index 618734ce7f7..e4ffb718c5f 100644 --- a/2024/23xxx/CVE-2024-23211.json +++ b/2024/23xxx/CVE-2024-23211.json @@ -119,6 +119,21 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/27", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/27" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" } ] } diff --git a/2024/23xxx/CVE-2024-23212.json b/2024/23xxx/CVE-2024-23212.json index 475b7feb47a..2c88faebc1f 100644 --- a/2024/23xxx/CVE-2024-23212.json +++ b/2024/23xxx/CVE-2024-23212.json @@ -124,6 +124,31 @@ "url": "https://support.apple.com/en-us/HT214057", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214057" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2024/23xxx/CVE-2024-23213.json b/2024/23xxx/CVE-2024-23213.json index 0f590a5a110..085163e1150 100644 --- a/2024/23xxx/CVE-2024-23213.json +++ b/2024/23xxx/CVE-2024-23213.json @@ -136,6 +136,21 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/27", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/27" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" } ] } diff --git a/2024/23xxx/CVE-2024-23214.json b/2024/23xxx/CVE-2024-23214.json index 15419785ab2..e18a61803c6 100644 --- a/2024/23xxx/CVE-2024-23214.json +++ b/2024/23xxx/CVE-2024-23214.json @@ -80,6 +80,21 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" } ] } diff --git a/2024/23xxx/CVE-2024-23215.json b/2024/23xxx/CVE-2024-23215.json index 7a6daa44b1e..19466cc0942 100644 --- a/2024/23xxx/CVE-2024-23215.json +++ b/2024/23xxx/CVE-2024-23215.json @@ -109,6 +109,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23217.json b/2024/23xxx/CVE-2024-23217.json index b1f12d6f05e..df2036b38dd 100644 --- a/2024/23xxx/CVE-2024-23217.json +++ b/2024/23xxx/CVE-2024-23217.json @@ -92,6 +92,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23218.json b/2024/23xxx/CVE-2024-23218.json index d08d472637e..ae35f0b00dc 100644 --- a/2024/23xxx/CVE-2024-23218.json +++ b/2024/23xxx/CVE-2024-23218.json @@ -109,6 +109,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23219.json b/2024/23xxx/CVE-2024-23219.json index e48b97a1ab2..f94a3a13218 100644 --- a/2024/23xxx/CVE-2024-23219.json +++ b/2024/23xxx/CVE-2024-23219.json @@ -58,6 +58,11 @@ "url": "https://support.apple.com/en-us/HT214059", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" } ] } diff --git a/2024/23xxx/CVE-2024-23222.json b/2024/23xxx/CVE-2024-23222.json index d710fba906d..35bfc948ead 100644 --- a/2024/23xxx/CVE-2024-23222.json +++ b/2024/23xxx/CVE-2024-23222.json @@ -129,6 +129,31 @@ "url": "http://seclists.org/fulldisclosure/2024/Jan/27", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Jan/27" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/34", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/34" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/38", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/38" } ] } diff --git a/2024/23xxx/CVE-2024-23223.json b/2024/23xxx/CVE-2024-23223.json index 38e4848d611..b065ef24f0c 100644 --- a/2024/23xxx/CVE-2024-23223.json +++ b/2024/23xxx/CVE-2024-23223.json @@ -109,6 +109,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/33", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/33" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" } ] } diff --git a/2024/23xxx/CVE-2024-23224.json b/2024/23xxx/CVE-2024-23224.json index 0bc822e880d..329257f183f 100644 --- a/2024/23xxx/CVE-2024-23224.json +++ b/2024/23xxx/CVE-2024-23224.json @@ -63,6 +63,16 @@ "url": "https://support.apple.com/en-us/HT214061", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/36", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/36" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/37", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Jan/37" } ] }