From 9df96c33e0b66ab925e7bd2d6a4309d368c43acd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 28 Jan 2025 21:00:55 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13778.json | 18 ++ 2024/13xxx/CVE-2024-13779.json | 18 ++ 2024/13xxx/CVE-2024-13780.json | 18 ++ 2024/13xxx/CVE-2024-13781.json | 18 ++ 2024/13xxx/CVE-2024-13782.json | 18 ++ 2024/13xxx/CVE-2024-13783.json | 18 ++ 2024/13xxx/CVE-2024-13784.json | 18 ++ 2024/13xxx/CVE-2024-13785.json | 18 ++ 2024/7xxx/CVE-2024-7993.json | 26 +-- 2024/7xxx/CVE-2024-7994.json | 34 ++-- 2025/0xxx/CVE-2025-0784.json | 341 ++++++++++++++++++++++++++++++++- 2025/22xxx/CVE-2025-22852.json | 18 ++ 2025/24xxx/CVE-2025-24481.json | 88 ++++++++- 2025/24xxx/CVE-2025-24482.json | 88 ++++++++- 2025/24xxx/CVE-2025-24826.json | 71 ++++++- 2025/24xxx/CVE-2025-24913.json | 18 ++ 2025/24xxx/CVE-2025-24914.json | 18 ++ 2025/24xxx/CVE-2025-24915.json | 18 ++ 2025/24xxx/CVE-2025-24916.json | 18 ++ 2025/24xxx/CVE-2025-24917.json | 18 ++ 20 files changed, 851 insertions(+), 49 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13778.json create mode 100644 2024/13xxx/CVE-2024-13779.json create mode 100644 2024/13xxx/CVE-2024-13780.json create mode 100644 2024/13xxx/CVE-2024-13781.json create mode 100644 2024/13xxx/CVE-2024-13782.json create mode 100644 2024/13xxx/CVE-2024-13783.json create mode 100644 2024/13xxx/CVE-2024-13784.json create mode 100644 2024/13xxx/CVE-2024-13785.json create mode 100644 2025/22xxx/CVE-2025-22852.json create mode 100644 2025/24xxx/CVE-2025-24913.json create mode 100644 2025/24xxx/CVE-2025-24914.json create mode 100644 2025/24xxx/CVE-2025-24915.json create mode 100644 2025/24xxx/CVE-2025-24916.json create mode 100644 2025/24xxx/CVE-2025-24917.json diff --git a/2024/13xxx/CVE-2024-13778.json b/2024/13xxx/CVE-2024-13778.json new file mode 100644 index 00000000000..a4616bfaefb --- /dev/null +++ b/2024/13xxx/CVE-2024-13778.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13778", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13779.json b/2024/13xxx/CVE-2024-13779.json new file mode 100644 index 00000000000..d45756b5f12 --- /dev/null +++ b/2024/13xxx/CVE-2024-13779.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13779", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13780.json b/2024/13xxx/CVE-2024-13780.json new file mode 100644 index 00000000000..7316a5a07d6 --- /dev/null +++ b/2024/13xxx/CVE-2024-13780.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13780", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13781.json b/2024/13xxx/CVE-2024-13781.json new file mode 100644 index 00000000000..5ccbdab9ba7 --- /dev/null +++ b/2024/13xxx/CVE-2024-13781.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13781", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13782.json b/2024/13xxx/CVE-2024-13782.json new file mode 100644 index 00000000000..7bf82e62574 --- /dev/null +++ b/2024/13xxx/CVE-2024-13782.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13782", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13783.json b/2024/13xxx/CVE-2024-13783.json new file mode 100644 index 00000000000..c0f7a8dbef1 --- /dev/null +++ b/2024/13xxx/CVE-2024-13783.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13783", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13784.json b/2024/13xxx/CVE-2024-13784.json new file mode 100644 index 00000000000..0a593e57d5e --- /dev/null +++ b/2024/13xxx/CVE-2024-13784.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13784", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13785.json b/2024/13xxx/CVE-2024-13785.json new file mode 100644 index 00000000000..dbf9bbc3f8d --- /dev/null +++ b/2024/13xxx/CVE-2024-13785.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13785", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7993.json b/2024/7xxx/CVE-2024-7993.json index 0c2addd7c20..5dbeaf6dcbe 100644 --- a/2024/7xxx/CVE-2024-7993.json +++ b/2024/7xxx/CVE-2024-7993.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process." + "value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process." } ] }, @@ -40,20 +40,14 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "status": "affected", - "version": "2025" - }, - { - "status": "affected", - "version": "2024" - } - ], - "defaultStatus": "affected" - } + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.3" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.2.2" } ] } @@ -77,7 +71,7 @@ "engine": "Vulnogram 0.2.0" }, "source": { - "discovery": "UNKNOWN" + "discovery": "EXTERNAL" }, "impact": { "cvss": [ diff --git a/2024/7xxx/CVE-2024-7994.json b/2024/7xxx/CVE-2024-7994.json index ab2be796011..063a2164a9f 100644 --- a/2024/7xxx/CVE-2024-7994.json +++ b/2024/7xxx/CVE-2024-7994.json @@ -40,20 +40,24 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "status": "affected", - "version": "2025" - }, - { - "status": "affected", - "version": "2024" - } - ], - "defaultStatus": "affected" - } + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.3" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.3" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.8" } ] } @@ -77,7 +81,7 @@ "engine": "Vulnogram 0.2.0" }, "source": { - "discovery": "UNKNOWN" + "discovery": "EXTERNAL" }, "impact": { "cvss": [ diff --git a/2025/0xxx/CVE-2025-0784.json b/2025/0xxx/CVE-2025-0784.json index 01a37fa1376..cb28f291afd 100644 --- a/2025/0xxx/CVE-2025-0784.json +++ b/2025/0xxx/CVE-2025-0784.json @@ -1,17 +1,350 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0784", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of the component Registered User Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.59 is able to address this issue. It is recommended to upgrade the affected component." + }, + { + "lang": "deu", + "value": "In Intelbras InControl bis 2.21.58 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /v1/usuario/ der Komponente Registered User Handler. Durch Beeinflussen mit unbekannten Daten kann eine cleartext transmission of sensitive information-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 2.21.59 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cleartext Transmission of Sensitive Information", + "cweId": "CWE-319" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Cryptographic Issues", + "cweId": "CWE-310" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Intelbras", + "product": { + "product_data": [ + { + "product_name": "InControl", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.21.0" + }, + { + "version_affected": "=", + "version_value": "2.21.1" + }, + { + "version_affected": "=", + "version_value": "2.21.2" + }, + { + "version_affected": "=", + "version_value": "2.21.3" + }, + { + "version_affected": "=", + "version_value": "2.21.4" + }, + { + "version_affected": "=", + "version_value": "2.21.5" + }, + { + "version_affected": "=", + "version_value": "2.21.6" + }, + { + "version_affected": "=", + "version_value": "2.21.7" + }, + { + "version_affected": "=", + "version_value": "2.21.8" + }, + { + "version_affected": "=", + "version_value": "2.21.9" + }, + { + "version_affected": "=", + "version_value": "2.21.10" + }, + { + "version_affected": "=", + "version_value": "2.21.11" + }, + { + "version_affected": "=", + "version_value": "2.21.12" + }, + { + "version_affected": "=", + "version_value": "2.21.13" + }, + { + "version_affected": "=", + "version_value": "2.21.14" + }, + { + "version_affected": "=", + "version_value": "2.21.15" + }, + { + "version_affected": "=", + "version_value": "2.21.16" + }, + { + "version_affected": "=", + "version_value": "2.21.17" + }, + { + "version_affected": "=", + "version_value": "2.21.18" + }, + { + "version_affected": "=", + "version_value": "2.21.19" + }, + { + "version_affected": "=", + "version_value": "2.21.20" + }, + { + "version_affected": "=", + "version_value": "2.21.21" + }, + { + "version_affected": "=", + "version_value": "2.21.22" + }, + { + "version_affected": "=", + "version_value": "2.21.23" + }, + { + "version_affected": "=", + "version_value": "2.21.24" + }, + { + "version_affected": "=", + "version_value": "2.21.25" + }, + { + "version_affected": "=", + "version_value": "2.21.26" + }, + { + "version_affected": "=", + "version_value": "2.21.27" + }, + { + "version_affected": "=", + "version_value": "2.21.28" + }, + { + "version_affected": "=", + "version_value": "2.21.29" + }, + { + "version_affected": "=", + "version_value": "2.21.30" + }, + { + "version_affected": "=", + "version_value": "2.21.31" + }, + { + "version_affected": "=", + "version_value": "2.21.32" + }, + { + "version_affected": "=", + "version_value": "2.21.33" + }, + { + "version_affected": "=", + "version_value": "2.21.34" + }, + { + "version_affected": "=", + "version_value": "2.21.35" + }, + { + "version_affected": "=", + "version_value": "2.21.36" + }, + { + "version_affected": "=", + "version_value": "2.21.37" + }, + { + "version_affected": "=", + "version_value": "2.21.38" + }, + { + "version_affected": "=", + "version_value": "2.21.39" + }, + { + "version_affected": "=", + "version_value": "2.21.40" + }, + { + "version_affected": "=", + "version_value": "2.21.41" + }, + { + "version_affected": "=", + "version_value": "2.21.42" + }, + { + "version_affected": "=", + "version_value": "2.21.43" + }, + { + "version_affected": "=", + "version_value": "2.21.44" + }, + { + "version_affected": "=", + "version_value": "2.21.45" + }, + { + "version_affected": "=", + "version_value": "2.21.46" + }, + { + "version_affected": "=", + "version_value": "2.21.47" + }, + { + "version_affected": "=", + "version_value": "2.21.48" + }, + { + "version_affected": "=", + "version_value": "2.21.49" + }, + { + "version_affected": "=", + "version_value": "2.21.50" + }, + { + "version_affected": "=", + "version_value": "2.21.51" + }, + { + "version_affected": "=", + "version_value": "2.21.52" + }, + { + "version_affected": "=", + "version_value": "2.21.53" + }, + { + "version_affected": "=", + "version_value": "2.21.54" + }, + { + "version_affected": "=", + "version_value": "2.21.55" + }, + { + "version_affected": "=", + "version_value": "2.21.56" + }, + { + "version_affected": "=", + "version_value": "2.21.57" + }, + { + "version_affected": "=", + "version_value": "2.21.58" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.293908", + "refsource": "MISC", + "name": "https://vuldb.com/?id.293908" + }, + { + "url": "https://vuldb.com/?ctiid.293908", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.293908" + }, + { + "url": "https://vuldb.com/?submit.483835", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.483835" + }, + { + "url": "https://eldruin.notion.site/Intelbras-InControl-v2-21-57-Password-exposed-in-clear-text-17d27474cccb806fba1efda195c78258?pvs=4", + "refsource": "MISC", + "name": "https://eldruin.notion.site/Intelbras-InControl-v2-21-57-Password-exposed-in-clear-text-17d27474cccb806fba1efda195c78258?pvs=4" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "eldruin (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.7, + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.7, + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 2.6, + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ] } diff --git a/2025/22xxx/CVE-2025-22852.json b/2025/22xxx/CVE-2025-22852.json new file mode 100644 index 00000000000..959a27005ab --- /dev/null +++ b/2025/22xxx/CVE-2025-22852.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-22852", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24481.json b/2025/24xxx/CVE-2025-24481.json index c44e1e08368..f9a6212a7dd 100644 --- a/2025/24xxx/CVE-2025-24481.json +++ b/2025/24xxx/CVE-2025-24481.json @@ -1,18 +1,96 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24481", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "PSIRT@rockwellautomation.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Incorrect Permission Assignment Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect permissions being assigned to the remote debugger port and can allow for unauthenticated access to the system configuration." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732 Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rockwell Automation", + "product": { + "product_data": [ + { + "product_name": "FactoryTalk\u00ae View Site Edition", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Protect physical access to the workstation & restrict access to port 8091 at the network or workstation.

" + } + ], + "value": "Protect physical access to the workstation & restrict access to port 8091 at the network or workstation." + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Upgrade to V15 or apply patch, answer ID 1152306.
" + } + ], + "value": "Upgrade to V15 or apply patch, answer ID 1152306." + } + ] } \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24482.json b/2025/24xxx/CVE-2025-24482.json index db32bf568fb..b11498132c3 100644 --- a/2025/24xxx/CVE-2025-24482.json +++ b/2025/24xxx/CVE-2025-24482.json @@ -1,18 +1,96 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24482", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "PSIRT@rockwellautomation.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rockwell Automation", + "product": { + "product_data": [ + { + "product_name": "FactoryTalk\u00ae View Site Edition", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Check the environment variables (PATH), and make sure FactoryTalk\u00ae View SE installation path (C:\\Program Files (x86)\\Common Files\\Rockwell) is before all others\n\n
" + } + ], + "value": "Check the environment variables (PATH), and make sure FactoryTalk\u00ae View SE installation path (C:\\Program Files (x86)\\Common Files\\Rockwell) is before all others" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Upgrade to V15 or apply patch. Answer ID 1152304\n\n
" + } + ], + "value": "Upgrade to V15 or apply patch. Answer ID 1152304" + } + ] } \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24826.json b/2025/24xxx/CVE-2025-24826.json index a845b171363..e56ec4e7bec 100644 --- a/2025/24xxx/CVE-2025-24826.json +++ b/2025/24xxx/CVE-2025-24826.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24826", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@acronis.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-276", + "cweId": "CWE-276" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Acronis", + "product": { + "product_data": [ + { + "product_name": "Acronis Snap Deploy", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "4625" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-6436", + "refsource": "MISC", + "name": "https://security-advisory.acronis.com/advisories/SEC-6436" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "@wdormann (https://hackerone.com/wdormann)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.0", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2025/24xxx/CVE-2025-24913.json b/2025/24xxx/CVE-2025-24913.json new file mode 100644 index 00000000000..914ebbc72f9 --- /dev/null +++ b/2025/24xxx/CVE-2025-24913.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24913", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24914.json b/2025/24xxx/CVE-2025-24914.json new file mode 100644 index 00000000000..dff3c9b007e --- /dev/null +++ b/2025/24xxx/CVE-2025-24914.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24914", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24915.json b/2025/24xxx/CVE-2025-24915.json new file mode 100644 index 00000000000..603cdcdd2a8 --- /dev/null +++ b/2025/24xxx/CVE-2025-24915.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24915", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24916.json b/2025/24xxx/CVE-2025-24916.json new file mode 100644 index 00000000000..b64cd3398e9 --- /dev/null +++ b/2025/24xxx/CVE-2025-24916.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24916", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24917.json b/2025/24xxx/CVE-2025-24917.json new file mode 100644 index 00000000000..0e968acc5da --- /dev/null +++ b/2025/24xxx/CVE-2025-24917.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24917", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file