From a16b2994f1d8632d1c2881d9e3f1533504c7ae03 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 5 Jan 2024 19:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/39xxx/CVE-2023-39538.json | 5 ++ 2023/39xxx/CVE-2023-39539.json | 5 ++ 2023/40xxx/CVE-2023-40238.json | 5 ++ 2023/48xxx/CVE-2023-48706.json | 5 ++ 2023/48xxx/CVE-2023-48795.json | 5 ++ 2023/51xxx/CVE-2023-51384.json | 5 ++ 2023/51xxx/CVE-2023-51385.json | 5 ++ 2024/0xxx/CVE-2024-0247.json | 95 ++++++++++++++++++++++++++++++++-- 2024/0xxx/CVE-2024-0253.json | 18 +++++++ 2024/0xxx/CVE-2024-0254.json | 18 +++++++ 2024/22xxx/CVE-2024-22167.json | 18 +++++++ 2024/22xxx/CVE-2024-22168.json | 18 +++++++ 2024/22xxx/CVE-2024-22169.json | 18 +++++++ 2024/22xxx/CVE-2024-22170.json | 18 +++++++ 2024/22xxx/CVE-2024-22171.json | 18 +++++++ 2024/22xxx/CVE-2024-22172.json | 18 +++++++ 2024/22xxx/CVE-2024-22173.json | 18 +++++++ 2024/22xxx/CVE-2024-22174.json | 18 +++++++ 2024/22xxx/CVE-2024-22175.json | 18 +++++++ 2024/22xxx/CVE-2024-22176.json | 18 +++++++ 20 files changed, 342 insertions(+), 4 deletions(-) create mode 100644 2024/0xxx/CVE-2024-0253.json create mode 100644 2024/0xxx/CVE-2024-0254.json create mode 100644 2024/22xxx/CVE-2024-22167.json create mode 100644 2024/22xxx/CVE-2024-22168.json create mode 100644 2024/22xxx/CVE-2024-22169.json create mode 100644 2024/22xxx/CVE-2024-22170.json create mode 100644 2024/22xxx/CVE-2024-22171.json create mode 100644 2024/22xxx/CVE-2024-22172.json create mode 100644 2024/22xxx/CVE-2024-22173.json create mode 100644 2024/22xxx/CVE-2024-22174.json create mode 100644 2024/22xxx/CVE-2024-22175.json create mode 100644 2024/22xxx/CVE-2024-22176.json diff --git a/2023/39xxx/CVE-2023-39538.json b/2023/39xxx/CVE-2023-39538.json index ba9795043d9..18ac19a38d9 100644 --- a/2023/39xxx/CVE-2023-39538.json +++ b/2023/39xxx/CVE-2023-39538.json @@ -67,6 +67,11 @@ "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023009.pdf", "refsource": "MISC", "name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023009.pdf" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240105-0003/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240105-0003/" } ] }, diff --git a/2023/39xxx/CVE-2023-39539.json b/2023/39xxx/CVE-2023-39539.json index 81e79bca91a..e1ef38c8b2e 100644 --- a/2023/39xxx/CVE-2023-39539.json +++ b/2023/39xxx/CVE-2023-39539.json @@ -72,6 +72,11 @@ "url": "https://www.kb.cert.org/vuls/id/811862", "refsource": "MISC", "name": "https://www.kb.cert.org/vuls/id/811862" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240105-0003/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240105-0003/" } ] }, diff --git a/2023/40xxx/CVE-2023-40238.json b/2023/40xxx/CVE-2023-40238.json index 23c1a8f11b1..e73fc4ef1a4 100644 --- a/2023/40xxx/CVE-2023-40238.json +++ b/2023/40xxx/CVE-2023-40238.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html", "url": "https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240105-0002/", + "url": "https://security.netapp.com/advisory/ntap-20240105-0002/" } ] } diff --git a/2023/48xxx/CVE-2023-48706.json b/2023/48xxx/CVE-2023-48706.json index 975ae528e4f..ee09189cbf7 100644 --- a/2023/48xxx/CVE-2023-48706.json +++ b/2023/48xxx/CVE-2023-48706.json @@ -88,6 +88,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240105-0001/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240105-0001/" } ] }, diff --git a/2023/48xxx/CVE-2023-48795.json b/2023/48xxx/CVE-2023-48795.json index a2420df70a1..231ec0e4886 100644 --- a/2023/48xxx/CVE-2023-48795.json +++ b/2023/48xxx/CVE-2023-48795.json @@ -536,6 +536,11 @@ "refsource": "FEDORA", "name": "FEDORA-2023-153404713b", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240105-0004/", + "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" } ] } diff --git a/2023/51xxx/CVE-2023-51384.json b/2023/51xxx/CVE-2023-51384.json index b6a8001095b..e77dfbff0d5 100644 --- a/2023/51xxx/CVE-2023-51384.json +++ b/2023/51xxx/CVE-2023-51384.json @@ -71,6 +71,11 @@ "refsource": "DEBIAN", "name": "DSA-5586", "url": "https://www.debian.org/security/2023/dsa-5586" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240105-0005/", + "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" } ] } diff --git a/2023/51xxx/CVE-2023-51385.json b/2023/51xxx/CVE-2023-51385.json index 625adafd3a9..231f9e2787d 100644 --- a/2023/51xxx/CVE-2023-51385.json +++ b/2023/51xxx/CVE-2023-51385.json @@ -91,6 +91,11 @@ "refsource": "GENTOO", "name": "GLSA-202312-17", "url": "https://security.gentoo.org/glsa/202312-17" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240105-0005/", + "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" } ] } diff --git a/2024/0xxx/CVE-2024-0247.json b/2024/0xxx/CVE-2024-0247.json index e8ebfec7a33..e7e4e34f18f 100644 --- a/2024/0xxx/CVE-2024-0247.json +++ b/2024/0xxx/CVE-2024-0247.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0247", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /admin/ of the component Admin Panel. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249778 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In CodeAstro Online Food Ordering System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /admin/ der Komponente Admin Panel. Dank Manipulation des Arguments Username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "CodeAstro", + "product": { + "product_data": [ + { + "product_name": "Online Food Ordering System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.249778", + "refsource": "MISC", + "name": "https://vuldb.com/?id.249778" + }, + { + "url": "https://vuldb.com/?ctiid.249778", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.249778" + }, + { + "url": "https://drive.google.com/file/d/13xhOZ3Zg-XoviVC744PPDorTxYbLUgbv/view?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/13xhOZ3Zg-XoviVC744PPDorTxYbLUgbv/view?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Krishnadaspv (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2024/0xxx/CVE-2024-0253.json b/2024/0xxx/CVE-2024-0253.json new file mode 100644 index 00000000000..80dcbb3e673 --- /dev/null +++ b/2024/0xxx/CVE-2024-0253.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0253", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0254.json b/2024/0xxx/CVE-2024-0254.json new file mode 100644 index 00000000000..e016e6c2a38 --- /dev/null +++ b/2024/0xxx/CVE-2024-0254.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0254", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22167.json b/2024/22xxx/CVE-2024-22167.json new file mode 100644 index 00000000000..892fcd37a20 --- /dev/null +++ b/2024/22xxx/CVE-2024-22167.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22167", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22168.json b/2024/22xxx/CVE-2024-22168.json new file mode 100644 index 00000000000..2d4f1bd6614 --- /dev/null +++ b/2024/22xxx/CVE-2024-22168.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22168", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22169.json b/2024/22xxx/CVE-2024-22169.json new file mode 100644 index 00000000000..92bd71ef63b --- /dev/null +++ b/2024/22xxx/CVE-2024-22169.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22169", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22170.json b/2024/22xxx/CVE-2024-22170.json new file mode 100644 index 00000000000..36f7e5fd916 --- /dev/null +++ b/2024/22xxx/CVE-2024-22170.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22170", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22171.json b/2024/22xxx/CVE-2024-22171.json new file mode 100644 index 00000000000..5590690d784 --- /dev/null +++ b/2024/22xxx/CVE-2024-22171.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22171", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22172.json b/2024/22xxx/CVE-2024-22172.json new file mode 100644 index 00000000000..1ba99e152ff --- /dev/null +++ b/2024/22xxx/CVE-2024-22172.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22172", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22173.json b/2024/22xxx/CVE-2024-22173.json new file mode 100644 index 00000000000..c5e24425080 --- /dev/null +++ b/2024/22xxx/CVE-2024-22173.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22173", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22174.json b/2024/22xxx/CVE-2024-22174.json new file mode 100644 index 00000000000..81ba03e04dd --- /dev/null +++ b/2024/22xxx/CVE-2024-22174.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22174", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22175.json b/2024/22xxx/CVE-2024-22175.json new file mode 100644 index 00000000000..8caa9db10e1 --- /dev/null +++ b/2024/22xxx/CVE-2024-22175.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22175", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22176.json b/2024/22xxx/CVE-2024-22176.json new file mode 100644 index 00000000000..825a574c4bb --- /dev/null +++ b/2024/22xxx/CVE-2024-22176.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-22176", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file