From 99980523a78e62079f291ac3bfd6b04e84ade1f2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 2 Apr 2024 15:05:20 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/48xxx/CVE-2022-48554.json | 5 +++ 2024/0xxx/CVE-2024-0258.json | 5 +++ 2024/23xxx/CVE-2024-23225.json | 10 +++++ 2024/23xxx/CVE-2024-23226.json | 5 +++ 2024/23xxx/CVE-2024-23231.json | 10 +++++ 2024/23xxx/CVE-2024-23234.json | 5 +++ 2024/23xxx/CVE-2024-23235.json | 10 +++++ 2024/23xxx/CVE-2024-23239.json | 5 +++ 2024/23xxx/CVE-2024-23246.json | 5 +++ 2024/23xxx/CVE-2024-23250.json | 5 +++ 2024/23xxx/CVE-2024-23254.json | 5 +++ 2024/23xxx/CVE-2024-23263.json | 5 +++ 2024/23xxx/CVE-2024-23265.json | 10 +++++ 2024/23xxx/CVE-2024-23275.json | 5 +++ 2024/23xxx/CVE-2024-23278.json | 10 +++++ 2024/23xxx/CVE-2024-23280.json | 5 +++ 2024/23xxx/CVE-2024-23284.json | 10 +++++ 2024/23xxx/CVE-2024-23286.json | 10 +++++ 2024/23xxx/CVE-2024-23287.json | 5 +++ 2024/23xxx/CVE-2024-23288.json | 5 +++ 2024/23xxx/CVE-2024-23289.json | 5 +++ 2024/23xxx/CVE-2024-23290.json | 5 +++ 2024/23xxx/CVE-2024-23291.json | 5 +++ 2024/23xxx/CVE-2024-23293.json | 5 +++ 2024/23xxx/CVE-2024-23296.json | 5 +++ 2024/23xxx/CVE-2024-23297.json | 5 +++ 2024/23xxx/CVE-2024-23300.json | 5 +++ 2024/28xxx/CVE-2024-28895.json | 64 ++------------------------- 2024/28xxx/CVE-2024-28916.json | 64 ++------------------------- 2024/2xxx/CVE-2024-2411.json | 80 ++-------------------------------- 30 files changed, 182 insertions(+), 196 deletions(-) diff --git a/2022/48xxx/CVE-2022-48554.json b/2022/48xxx/CVE-2022-48554.json index 2aff439aea8..5f46dc8bcfa 100644 --- a/2022/48xxx/CVE-2022-48554.json +++ b/2022/48xxx/CVE-2022-48554.json @@ -96,6 +96,11 @@ "refsource": "FULLDISC", "name": "20240313 APPLE-SA-03-07-2024-6 tvOS 17.4", "url": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "refsource": "FULLDISC", + "name": "20240313 APPLE-SA-03-07-2024-5 watchOS 10.4", + "url": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/0xxx/CVE-2024-0258.json b/2024/0xxx/CVE-2024-0258.json index 5df18de6f08..cd30be6044d 100644 --- a/2024/0xxx/CVE-2024-0258.json +++ b/2024/0xxx/CVE-2024-0258.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23225.json b/2024/23xxx/CVE-2024-23225.json index 7592df91071..69c2bf1ecb7 100644 --- a/2024/23xxx/CVE-2024-23225.json +++ b/2024/23xxx/CVE-2024-23225.json @@ -113,6 +113,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23226.json b/2024/23xxx/CVE-2024-23226.json index 1889fe89c4b..2bb5657b411 100644 --- a/2024/23xxx/CVE-2024-23226.json +++ b/2024/23xxx/CVE-2024-23226.json @@ -136,6 +136,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23231.json b/2024/23xxx/CVE-2024-23231.json index 6e18920ea01..da7db107a67 100644 --- a/2024/23xxx/CVE-2024-23231.json +++ b/2024/23xxx/CVE-2024-23231.json @@ -112,6 +112,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23234.json b/2024/23xxx/CVE-2024-23234.json index 62454e69330..a61ff8cc35a 100644 --- a/2024/23xxx/CVE-2024-23234.json +++ b/2024/23xxx/CVE-2024-23234.json @@ -73,6 +73,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23235.json b/2024/23xxx/CVE-2024-23235.json index 92e8e0fc7c0..38169f67c30 100644 --- a/2024/23xxx/CVE-2024-23235.json +++ b/2024/23xxx/CVE-2024-23235.json @@ -136,6 +136,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/25", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23239.json b/2024/23xxx/CVE-2024-23239.json index eaf8681ddf3..629f4aca923 100644 --- a/2024/23xxx/CVE-2024-23239.json +++ b/2024/23xxx/CVE-2024-23239.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23246.json b/2024/23xxx/CVE-2024-23246.json index 8812f91441e..7f4c3a35e65 100644 --- a/2024/23xxx/CVE-2024-23246.json +++ b/2024/23xxx/CVE-2024-23246.json @@ -141,6 +141,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23250.json b/2024/23xxx/CVE-2024-23250.json index 87cdbc1c637..c6d632825ac 100644 --- a/2024/23xxx/CVE-2024-23250.json +++ b/2024/23xxx/CVE-2024-23250.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23254.json b/2024/23xxx/CVE-2024-23254.json index 6357d4f8733..e13ac16d612 100644 --- a/2024/23xxx/CVE-2024-23254.json +++ b/2024/23xxx/CVE-2024-23254.json @@ -158,6 +158,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23263.json b/2024/23xxx/CVE-2024-23263.json index 3cc26ebd2f8..c692fc6320e 100644 --- a/2024/23xxx/CVE-2024-23263.json +++ b/2024/23xxx/CVE-2024-23263.json @@ -163,6 +163,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23265.json b/2024/23xxx/CVE-2024-23265.json index 025b106b87a..e9cfba3a180 100644 --- a/2024/23xxx/CVE-2024-23265.json +++ b/2024/23xxx/CVE-2024-23265.json @@ -151,6 +151,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23275.json b/2024/23xxx/CVE-2024-23275.json index f1c0d672a8e..d93d30bc11f 100644 --- a/2024/23xxx/CVE-2024-23275.json +++ b/2024/23xxx/CVE-2024-23275.json @@ -73,6 +73,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23278.json b/2024/23xxx/CVE-2024-23278.json index 1876168700b..ed00791a2cd 100644 --- a/2024/23xxx/CVE-2024-23278.json +++ b/2024/23xxx/CVE-2024-23278.json @@ -134,6 +134,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23280.json b/2024/23xxx/CVE-2024-23280.json index 3502e8f35ea..3c7d301fffa 100644 --- a/2024/23xxx/CVE-2024-23280.json +++ b/2024/23xxx/CVE-2024-23280.json @@ -141,6 +141,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23284.json b/2024/23xxx/CVE-2024-23284.json index 331fdd50728..d4fb659dbf8 100644 --- a/2024/23xxx/CVE-2024-23284.json +++ b/2024/23xxx/CVE-2024-23284.json @@ -158,6 +158,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/25", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23286.json b/2024/23xxx/CVE-2024-23286.json index 0cdf120db81..fd7e2034948 100644 --- a/2024/23xxx/CVE-2024-23286.json +++ b/2024/23xxx/CVE-2024-23286.json @@ -151,6 +151,16 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/22", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/22" } ] } diff --git a/2024/23xxx/CVE-2024-23287.json b/2024/23xxx/CVE-2024-23287.json index b8bb0c270ac..f28c3967eaa 100644 --- a/2024/23xxx/CVE-2024-23287.json +++ b/2024/23xxx/CVE-2024-23287.json @@ -97,6 +97,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23288.json b/2024/23xxx/CVE-2024-23288.json index 9d7c022b120..c5cad0b2b16 100644 --- a/2024/23xxx/CVE-2024-23288.json +++ b/2024/23xxx/CVE-2024-23288.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23289.json b/2024/23xxx/CVE-2024-23289.json index c75fcfa4a1f..2ccb1f53377 100644 --- a/2024/23xxx/CVE-2024-23289.json +++ b/2024/23xxx/CVE-2024-23289.json @@ -102,6 +102,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/21", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/21" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23290.json b/2024/23xxx/CVE-2024-23290.json index 88bc4c72fe8..a52a06fc973 100644 --- a/2024/23xxx/CVE-2024-23290.json +++ b/2024/23xxx/CVE-2024-23290.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23291.json b/2024/23xxx/CVE-2024-23291.json index fcf586ec44e..8a8f4575727 100644 --- a/2024/23xxx/CVE-2024-23291.json +++ b/2024/23xxx/CVE-2024-23291.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23293.json b/2024/23xxx/CVE-2024-23293.json index 774d8068626..1f570c5cff6 100644 --- a/2024/23xxx/CVE-2024-23293.json +++ b/2024/23xxx/CVE-2024-23293.json @@ -119,6 +119,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23296.json b/2024/23xxx/CVE-2024-23296.json index cb6a62fc9eb..04fe739affe 100644 --- a/2024/23xxx/CVE-2024-23296.json +++ b/2024/23xxx/CVE-2024-23296.json @@ -93,6 +93,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23297.json b/2024/23xxx/CVE-2024-23297.json index 3df6e925ac2..c9bead6919c 100644 --- a/2024/23xxx/CVE-2024-23297.json +++ b/2024/23xxx/CVE-2024-23297.json @@ -97,6 +97,11 @@ "url": "http://seclists.org/fulldisclosure/2024/Mar/25", "refsource": "MISC", "name": "http://seclists.org/fulldisclosure/2024/Mar/25" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/24", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/24" } ] } diff --git a/2024/23xxx/CVE-2024-23300.json b/2024/23xxx/CVE-2024-23300.json index f0774948688..493cfe2e4b2 100644 --- a/2024/23xxx/CVE-2024-23300.json +++ b/2024/23xxx/CVE-2024-23300.json @@ -58,6 +58,11 @@ "url": "https://support.apple.com/en-us/HT214090", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT214090" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/27", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2024/Mar/27" } ] } diff --git a/2024/28xxx/CVE-2024-28895.json b/2024/28xxx/CVE-2024-28895.json index 21690df58fb..9d89b79e0aa 100644 --- a/2024/28xxx/CVE-2024-28895.json +++ b/2024/28xxx/CVE-2024-28895.json @@ -1,73 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28895", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's device." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site scripting (XSS)" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "LY Corporation", - "product": { - "product_data": [ - { - "product_name": "'Yahoo! JAPAN' App for Android", - "version": { - "version_data": [ - { - "version_affected": "=", - "version_value": "v2.3.1 to v3.161.1" - } - ] - } - }, - { - "product_name": "'Yahoo! JAPAN' App for iOS", - "version": { - "version_data": [ - { - "version_affected": "=", - "version_value": "v3.2.2 to v4.109.0" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://jvn.jp/en/jp/JVN23528780/", - "refsource": "MISC", - "name": "https://jvn.jp/en/jp/JVN23528780/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2024/28xxx/CVE-2024-28916.json b/2024/28xxx/CVE-2024-28916.json index 8b093585815..b3d67d462f1 100644 --- a/2024/28xxx/CVE-2024-28916.json +++ b/2024/28xxx/CVE-2024-28916.json @@ -1,73 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28916", - "ASSIGNER": "secure@microsoft.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Xbox Gaming Services Elevation of Privilege Vulnerability" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Microsoft", - "product": { - "product_data": [ - { - "product_name": "Xbox Gaming Services", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "19.0.0.0", - "version_value": "19.87.13001.0" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28916", - "refsource": "MISC", - "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28916" - } - ] - }, - "impact": { - "cvss": [ - { - "version": "3.1", - "baseSeverity": "HIGH", - "baseScore": 8.8, - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2024/2xxx/CVE-2024-2411.json b/2024/2xxx/CVE-2024-2411.json index f4aacf824a9..927c0ee0156 100644 --- a/2024/2xxx/CVE-2024-2411.json +++ b/2024/2xxx/CVE-2024-2411.json @@ -1,89 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2411", - "ASSIGNER": "security@wordfence.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'modal' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "stylemix", - "product": { - "product_data": [ - { - "product_name": "MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "*", - "version_value": "3.3.0" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d68a2b60-ee89-4231-b256-214eba418244?source=cve", - "refsource": "MISC", - "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d68a2b60-ee89-4231-b256-214eba418244?source=cve" - }, - { - "url": "https://plugins.trac.wordpress.org/changeset/3055398/masterstudy-lms-learning-management-system#file10", - "refsource": "MISC", - "name": "https://plugins.trac.wordpress.org/changeset/3055398/masterstudy-lms-learning-management-system#file10" - }, - { - "url": "https://docs.stylemixthemes.com/masterstudy-lms/changelog-free-version#id-3.3.1", - "refsource": "MISC", - "name": "https://docs.stylemixthemes.com/masterstudy-lms/changelog-free-version#id-3.3.1" - } - ] - }, - "credits": [ - { - "lang": "en", - "value": "Hiroho Shimada" - } - ], - "impact": { - "cvss": [ - { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] }