From a86d29d35f90fb0c7766e5128870228322b6dee6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 5 Jul 2024 16:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/23xxx/CVE-2024-23997.json | 56 ++++++++++++++++++++++++++++++---- 2024/23xxx/CVE-2024-23998.json | 56 ++++++++++++++++++++++++++++++---- 2024/29xxx/CVE-2024-29318.json | 56 ++++++++++++++++++++++++++++++---- 2024/29xxx/CVE-2024-29319.json | 56 ++++++++++++++++++++++++++++++---- 2024/38xxx/CVE-2024-38346.json | 5 +++ 2024/39xxx/CVE-2024-39210.json | 56 ++++++++++++++++++++++++++++++---- 2024/39xxx/CVE-2024-39864.json | 5 +++ 2024/3xxx/CVE-2024-3727.json | 4 +-- 8 files changed, 262 insertions(+), 32 deletions(-) diff --git a/2024/23xxx/CVE-2024-23997.json b/2024/23xxx/CVE-2024-23997.json index 678c3213000..56d98e49c21 100644 --- a/2024/23xxx/CVE-2024-23997.json +++ b/2024/23xxx/CVE-2024-23997.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-23997", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-23997", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting (XSS) via src/electron-main.ts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-23997", + "url": "https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-23997" } ] } diff --git a/2024/23xxx/CVE-2024-23998.json b/2024/23xxx/CVE-2024-23998.json index 8a7a143c89e..e93cd1849d4 100644 --- a/2024/23xxx/CVE-2024-23998.json +++ b/2024/23xxx/CVE-2024-23998.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-23998", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-23998", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-23998", + "url": "https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-23998" } ] } diff --git a/2024/29xxx/CVE-2024-29318.json b/2024/29xxx/CVE-2024-29318.json index 2e312d695bf..71a6df01d53 100644 --- a/2024/29xxx/CVE-2024-29318.json +++ b/2024/29xxx/CVE-2024-29318.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29318", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29318", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-29318", + "url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-29318" } ] } diff --git a/2024/29xxx/CVE-2024-29319.json b/2024/29xxx/CVE-2024-29319.json index a14b37010b3..1e8fe30bbac 100644 --- a/2024/29xxx/CVE-2024-29319.json +++ b/2024/29xxx/CVE-2024-29319.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29319", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29319", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. The server can make unintended HTTP and DNS requests to a server that the attacker controls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-29319", + "url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-29319" } ] } diff --git a/2024/38xxx/CVE-2024-38346.json b/2024/38xxx/CVE-2024-38346.json index 120101063bc..a6c95449795 100644 --- a/2024/38xxx/CVE-2024-38346.json +++ b/2024/38xxx/CVE-2024-38346.json @@ -74,6 +74,11 @@ "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2/", "refsource": "MISC", "name": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2/" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/05/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/07/05/1" } ] }, diff --git a/2024/39xxx/CVE-2024-39210.json b/2024/39xxx/CVE-2024-39210.json index 9d8afd38361..500d44b6922 100644 --- a/2024/39xxx/CVE-2024-39210.json +++ b/2024/39xxx/CVE-2024-39210.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-39210", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-39210", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/KRookieSec/CVE-2024-39210", + "url": "https://github.com/KRookieSec/CVE-2024-39210" } ] } diff --git a/2024/39xxx/CVE-2024-39864.json b/2024/39xxx/CVE-2024-39864.json index c428c044875..10fac3aebc4 100644 --- a/2024/39xxx/CVE-2024-39864.json +++ b/2024/39xxx/CVE-2024-39864.json @@ -83,6 +83,11 @@ "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2/", "refsource": "MISC", "name": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2/" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/05/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/07/05/1" } ] }, diff --git a/2024/3xxx/CVE-2024-3727.json b/2024/3xxx/CVE-2024-3727.json index 6a32f276910..a4513065952 100644 --- a/2024/3xxx/CVE-2024-3727.json +++ b/2024/3xxx/CVE-2024-3727.json @@ -58,7 +58,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "2:1.14.4-1.rhaos4.16.el8", + "version": "2:1.14.4-1.rhaos4.16.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -72,7 +72,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8", + "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"