diff --git a/2024/12xxx/CVE-2024-12147.json b/2024/12xxx/CVE-2024-12147.json index 9e906ae8f41..529547f320e 100644 --- a/2024/12xxx/CVE-2024-12147.json +++ b/2024/12xxx/CVE-2024-12147.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-12147", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "In Netgear R6900 1.0.1.26_1.0.20 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Datei upgrade_check.cgi der Komponente HTTP Header Handler. Durch Manipulation des Arguments Content-Length mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Overflow", + "cweId": "CWE-120" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Netgear", + "product": { + "product_data": [ + { + "product_name": "R6900", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0.1.26_1.0.20" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.286873", + "refsource": "MISC", + "name": "https://vuldb.com/?id.286873" + }, + { + "url": "https://vuldb.com/?ctiid.286873", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.286873" + }, + { + "url": "https://vuldb.com/?submit.451858", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.451858" + }, + { + "url": "https://github.com/upload000/Hub/blob/main/IOT/Netgear_R6900.md", + "refsource": "MISC", + "name": "https://github.com/upload000/Hub/blob/main/IOT/Netgear_R6900.md" + }, + { + "url": "https://www.netgear.com/", + "refsource": "MISC", + "name": "https://www.netgear.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "upload (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.8, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C" } ] } diff --git a/2024/12xxx/CVE-2024-12204.json b/2024/12xxx/CVE-2024-12204.json new file mode 100644 index 00000000000..823edaaf854 --- /dev/null +++ b/2024/12xxx/CVE-2024-12204.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12204", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12205.json b/2024/12xxx/CVE-2024-12205.json new file mode 100644 index 00000000000..87ecedcedb3 --- /dev/null +++ b/2024/12xxx/CVE-2024-12205.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12205", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12206.json b/2024/12xxx/CVE-2024-12206.json new file mode 100644 index 00000000000..2fc118df463 --- /dev/null +++ b/2024/12xxx/CVE-2024-12206.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12206", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12207.json b/2024/12xxx/CVE-2024-12207.json new file mode 100644 index 00000000000..dd66a152cd0 --- /dev/null +++ b/2024/12xxx/CVE-2024-12207.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12207", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12208.json b/2024/12xxx/CVE-2024-12208.json new file mode 100644 index 00000000000..af16f8e1363 --- /dev/null +++ b/2024/12xxx/CVE-2024-12208.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12208", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12209.json b/2024/12xxx/CVE-2024-12209.json new file mode 100644 index 00000000000..582ff15af39 --- /dev/null +++ b/2024/12xxx/CVE-2024-12209.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12209", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/12xxx/CVE-2024-12210.json b/2024/12xxx/CVE-2024-12210.json new file mode 100644 index 00000000000..ce25dff793c --- /dev/null +++ b/2024/12xxx/CVE-2024-12210.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-12210", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/40xxx/CVE-2024-40744.json b/2024/40xxx/CVE-2024-40744.json index f362c9e9b26..8b4803047cf 100644 --- a/2024/40xxx/CVE-2024-40744.json +++ b/2024/40xxx/CVE-2024-40744.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8." + "value": "Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.6." } ] }, diff --git a/2024/40xxx/CVE-2024-40745.json b/2024/40xxx/CVE-2024-40745.json index e8abbd85d3e..c4f05ed89f8 100644 --- a/2024/40xxx/CVE-2024-40745.json +++ b/2024/40xxx/CVE-2024-40745.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8." + "value": "Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.6." } ] }, diff --git a/2024/48xxx/CVE-2024-48453.json b/2024/48xxx/CVE-2024-48453.json index e625dd51a31..b0bee5fd5cb 100644 --- a/2024/48xxx/CVE-2024-48453.json +++ b/2024/48xxx/CVE-2024-48453.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-48453", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-48453", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the ExecuteUserProgramUpgrade function" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.inovance.com/", + "refsource": "MISC", + "name": "https://www.inovance.com/" + }, + { + "url": "https://github.com/N0zoM1z0/Vuln-Search/blob/main/INOVANCE%20AM401_CPU1608TPTN%20Unauthorized%20Arbitrary%20Code%20Execution%20Vulnerability.md", + "refsource": "MISC", + "name": "https://github.com/N0zoM1z0/Vuln-Search/blob/main/INOVANCE%20AM401_CPU1608TPTN%20Unauthorized%20Arbitrary%20Code%20Execution%20Vulnerability.md" + }, + { + "refsource": "MISC", + "name": "https://github.com/N0zoM1z0/CVEs/blob/main/CVE-2024-48453.md", + "url": "https://github.com/N0zoM1z0/CVEs/blob/main/CVE-2024-48453.md" } ] } diff --git a/2025/0xxx/CVE-2025-0051.json b/2025/0xxx/CVE-2025-0051.json new file mode 100644 index 00000000000..75c641499a6 --- /dev/null +++ b/2025/0xxx/CVE-2025-0051.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0051", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0052.json b/2025/0xxx/CVE-2025-0052.json new file mode 100644 index 00000000000..bcf14d8e4f8 --- /dev/null +++ b/2025/0xxx/CVE-2025-0052.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0052", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file