admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-02 14:27:31 +00:00
parent 952006f80e
commit bc58cb9f5f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
98 changed files with 3451 additions and 243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/36xxx/CVE-2020-36776.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "371a3bc79c11b",
"version_name": "371a3bc79c11",
"version_value": "c24a20912eef"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46904.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "72dc1c096c705",
"version_name": "72dc1c096c70",
"version_value": "a462067d7c8e"
},
{
@ -163,6 +163,6 @@
]
},
"generator": {
"engine": "bippy-5e66918c8507"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46910.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "2a15ba82fa6ca3f3",
"version_name": "2a15ba82fa6c",
"version_value": "5965ac11b1d5"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46921.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "b519b56e378ee",
"version_name": "b519b56e378e",
"version_value": "5902f9453a31"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46939.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "14131f2f98ac3",
"version_name": "14131f2f98ac",
"version_value": "91ca6f6a91f6"
},
{
@ -174,6 +174,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46942.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "37d1e2e3642e2",
"version_name": "37d1e2e3642e",
"version_value": "cb5e0b3d0f99"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46957.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "c22b0bcb1dd02",
"version_name": "c22b0bcb1dd0",
"version_value": "fd0f06590d35"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46958.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "ef67963dac255b",
"version_name": "ef67963dac25",
"version_value": "a4794be7b00b"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46979.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "8dedcc3eee3ac",
"version_name": "8dedcc3eee3a",
"version_value": "11e1cae5da40"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46983.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "ca0f1a8055be2",
"version_name": "ca0f1a8055be",
"version_value": "64f3410c7bfc"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46987.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "c53e9653605dbf",
"version_name": "c53e9653605d",
"version_value": "d5347827d0b4"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46989.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "31651c607151f",
"version_name": "31651c607151",
"version_value": "52dde855663e"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/46xxx/CVE-2021-46998.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "fb7516d42478e",
"version_name": "fb7516d42478",
"version_value": "25a87b1f566b"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47005.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "2c04c5b8eef79",
"version_name": "2c04c5b8eef7",
"version_value": "bbed83d7060e"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47013.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "b9b17debc69d2",
"version_name": "b9b17debc69d",
"version_value": "c7f75d11fe72"
},
{
@ -163,6 +163,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47017.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "c8334512f3dd1",
"version_name": "c8334512f3dd",
"version_value": "8bb054fb336f"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47029.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "d0e274af2f2e4",
"version_name": "d0e274af2f2e",
"version_value": "2554b9cb4b5e"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47030.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "d2bf7959d9c0f",
"version_name": "d2bf7959d9c0",
"version_value": "54b989653c55"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47031.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1c099ab44727c",
"version_name": "1c099ab44727",
"version_value": "481122637445"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47035.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "b802d070a52a1",
"version_name": "b802d070a52a",
"version_value": "c848416cc05a"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47040.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "efe68c1ca8f49",
"version_name": "efe68c1ca8f4",
"version_value": "cbbc13b115b8"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47042.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "3a00c04212d1cf",
"version_name": "3a00c04212d1",
"version_value": "296443139f89"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47068.json
View File

@ -75,7 +75,7 @@
},
{
"version_affected": "<",
"version_name": "c33b1cc62",
"version_name": "c33b1cc62ac0",
"version_value": "18175fe17ae0"
},
{
@ -199,6 +199,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47069.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "0d97a82ba830d8",
"version_name": "0d97a82ba830",
"version_value": "4528c0c32308"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47072.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "64d6b281ba4db0",
"version_name": "64d6b281ba4d",
"version_value": "6d0924c5b742"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47079.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "ff36b0d953dc4",
"version_name": "ff36b0d953dc",
"version_value": "beab753fe3b4"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47081.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "423815bf02e25",
"version_name": "423815bf02e2",
"version_value": "b49f5af30b0e"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47118.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "9ec52099e4b8678a",
"version_name": "9ec52099e4b8",
"version_value": "764c2e892d1f"
},
{
@ -163,6 +163,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47123.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "90cd7e424969d",
"version_name": "90cd7e424969",
"version_value": "1f64f5e903b9"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47124.json
View File

@ -45,7 +45,7 @@
},
{
"version_affected": "<",
"version_name": "9ae1f8dd372e0",
"version_name": "9ae1f8dd372e",
"version_value": "876808dba2ff"
},
{
@ -125,6 +125,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47126.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "706ec91916462",
"version_name": "706ec9191646",
"version_value": "7ba7fa78a92d"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47134.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "b91540d52a08b",
"version_name": "b91540d52a08",
"version_value": "5148066edbdc"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47135.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1c099ab44727c",
"version_name": "1c099ab44727",
"version_value": "6919e8a24e70"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47172.json
View File

@ -45,7 +45,7 @@
},
{
"version_affected": "<",
"version_name": "d7857e4ee1ba6",
"version_name": "d7857e4ee1ba",
"version_value": "f70122825076"
},
{
@ -114,6 +114,6 @@
]
},
"generator": {
"engine": "bippy-b4257b672505"
"engine": "bippy-1e70cc10feda"
}
}

4
2021/47xxx/CVE-2021-47177.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "39ab9555c2411",
"version_name": "39ab9555c241",
"version_value": "22da9f497838"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-b4257b672505"
"engine": "bippy-1e70cc10feda"
}
}

17
2022/31xxx/CVE-2022-31630.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information."
"value": "In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.\u00a0"
}
]
},
@ -49,16 +49,19 @@
"version": {
"version_data": [
{
"version_value": "7.4.x",
"version_affected": "="
"version_affected": "<",
"version_name": "7.4.x",
"version_value": "7.4.33"
},
{
"version_value": "8.0.x",
"version_affected": "="
"version_affected": "<",
"version_name": "8.0.x",
"version_value": "8.0.25"
},
{
"version_value": "8.1.x",
"version_affected": "="
"version_affected": "<",
"version_name": "8.1.x",
"version_value": "8.1.12"
}
]
}

83
2023/50xxx/CVE-2023-50313.json
View File

@ -1,17 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50313",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"cweId": "CWE-327"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "WebSphere Application Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "8.5, 9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7145620",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7145620"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/274812",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/274812"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

164
2023/51xxx/CVE-2023-51455.json
View File

@ -1,17 +1,173 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51455",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@nozominetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, potentially leading to a memory information leak or to an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-129 Improper Validation of Array Index",
"cweId": "CWE-129"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DJI",
"product": {
"product_data": [
{
"product_name": "Mavic 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.01.0300"
}
]
}
},
{
"product_name": "Mavic 3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.1200"
}
]
}
},
{
"product_name": "Mavic 3 Classic",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0500"
}
]
}
},
{
"product_name": "Mavic 3 Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.01.10.03"
}
]
}
},
{
"product_name": "Matrice M30",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "07.01.0022"
}
]
}
},
{
"product_name": "Mini 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0620"
}
]
}
}
]
}
},
{
"vendor_name": "DJI ",
"product": {
"product_data": [
{
"product_name": "Matrice 300",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "57.00.01.00"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51455/",
"refsource": "MISC",
"name": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51455/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Diego Giubertoni of Nozomi Networks"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

164
2023/51xxx/CVE-2023-51456.json
View File

@ -1,17 +1,173 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51456",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@nozominetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process memory through a crafted payload due to a missing input sanity check in the v2_pack_array_to_msg function implemented in the libv2_sdk.so library imported by the v2_sdk_service binary implementing the service, potentially leading to a memory information leak or an arbitrary code execution. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DJI",
"product": {
"product_data": [
{
"product_name": "Mavic 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.01.0300"
}
]
}
},
{
"product_name": "Mavic 3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.1200"
}
]
}
},
{
"product_name": "Mavic 3 Classic",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0500"
}
]
}
},
{
"product_name": "Mavic 3 Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.01.10.03"
}
]
}
},
{
"product_name": "Matrice M30",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "07.01.0022"
}
]
}
},
{
"product_name": "Mini 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0620"
}
]
}
}
]
}
},
{
"vendor_name": "DJI ",
"product": {
"product_data": [
{
"product_name": "Matrice 300",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "57.00.01.00"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51456/",
"refsource": "MISC",
"name": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-51456/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Diego Giubertoni of Nozomi Networks"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

4
2023/52xxx/CVE-2023-52452.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "01f810ace9ed3",
"version_name": "01f810ace9ed",
"version_value": "0954982db828"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2023/52xxx/CVE-2023-52461.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "56e449603f0ac5",
"version_name": "56e449603f0a",
"version_value": "1470d173925d"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

16
2023/6xxx/CVE-2023-6814.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 through 11-20-*, from 11-10 through 11-10-*, from 11-00 before 11-00-12, All versions of V8 and V9.\n\n"
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 through 11-10-*, from 11-00 before 11-00-12, All versions of V8 and V9.\n\n"
}
]
},
@ -56,7 +56,19 @@
"versionType": "custom"
},
{
"lessThanOrEqual": "11-20-*",
"changes": [
{
"at": "11-20-07",
"status": "unaffected"
}
],
"lessThan": "11-20-07",
"status": "affected",
"version": "11-20",
"versionType": "custom"
},
{
"lessThanOrEqual": "11-10-*",
"status": "affected",
"version": "11-10",
"versionType": "custom"

85
2023/6xxx/CVE-2023-6949.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6949",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@nozominetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service running on the DJI Mavic Mini 3 Pro on the standard port 80 could allow an attacker to enumerate and download videos and pictures saved on the drone internal or external memory without requiring any kind of authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DJI",
"product": {
"product_data": [
{
"product_name": "Mini 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.1200"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6949/",
"refsource": "MISC",
"name": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6949/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Diego Giubertoni of Nozomi Networks"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

85
2023/6xxx/CVE-2023-6950.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6950",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@nozominetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on the DJI Mavic Mini 3 Pro could allow an attacker to craft a malicious packet containing a malformed path provided to the FTP SIZE command that leads to a denial-of-service attack of the FTP service itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DJI",
"product": {
"product_data": [
{
"product_name": "Mini 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.1200"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6950/",
"refsource": "MISC",
"name": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6950/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Diego Giubertoni of Nozomi Networks"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}

164
2023/6xxx/CVE-2023-6951.json
View File

@ -1,17 +1,173 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6951",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "prodsec@nozominetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone\u2019s Wi- Fi network. This, in turn, allows the attacker to perform unauthorized interaction with the network services exposed by the drone and to potentially decrypt the Wi-Fi traffic exchanged between the drone and the Android/IOS device of the legitimate user during QuickTransfer mode. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1391: Use of Weak Credentials",
"cweId": "CWE-1391"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DJI",
"product": {
"product_data": [
{
"product_name": "Mavic 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.01.0300"
}
]
}
},
{
"product_name": "Mavic 3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.1200"
}
]
}
},
{
"product_name": "Mavic 3 Classic",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0500"
}
]
}
},
{
"product_name": "Mavic 3 Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.01.10.03"
}
]
}
},
{
"product_name": "Matrice M30",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "07.01.0022"
}
]
}
},
{
"product_name": "Mini 3 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "01.00.0620"
}
]
}
}
]
}
},
{
"vendor_name": "DJI ",
"product": {
"product_data": [
{
"product_name": "Matrice 300",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "57.00.01.00"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6951/",
"refsource": "MISC",
"name": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-6951/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Nicolo' Facchi of Nozomi Networks"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

2
2024/20xxx/CVE-2024-20804.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file."
"value": "Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file."
}
]
},

2
2024/20xxx/CVE-2024-20805.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file."
"value": "Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file."
}
]
},

2
2024/20xxx/CVE-2024-20807.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows attacker to get sensitive information."
"value": "Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information."
}
]
},

2
2024/20xxx/CVE-2024-20810.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information."
"value": "Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information."
}
]
},

2
2024/20xxx/CVE-2024-20814.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows attacker access unauthorized information."
"value": "Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information."
}
]
},

2
2024/20xxx/CVE-2024-20820.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows attacker to cause an Out-Of-Bounds read."
"value": "Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read."
}
]
},

2
2024/20xxx/CVE-2024-20831.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attackers to execute arbitrary code."
"value": "Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code."
}
]
},

2
2024/20xxx/CVE-2024-20832.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attacker to execute arbitrary code."
"value": "Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code."
}
]
},

79
2024/20xxx/CVE-2024-20842.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20842",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12, 13, 14"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseSeverity": "MEDIUM",
"baseScore": 4.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
}
]
}

79
2024/20xxx/CVE-2024-20843.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12, 13, 14"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseSeverity": "MEDIUM",
"baseScore": 5.6,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"
}
]
}

79
2024/20xxx/CVE-2024-20844.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20844",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseSeverity": "HIGH",
"baseScore": 8.4,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
]
}

79
2024/20xxx/CVE-2024-20845.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseSeverity": "HIGH",
"baseScore": 8.4,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
]
}

79
2024/20xxx/CVE-2024-20846.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20846",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseSeverity": "MEDIUM",
"baseScore": 5.9,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
]
}

79
2024/20xxx/CVE-2024-20847.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20847",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12, 13, 14"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseSeverity": "MEDIUM",
"baseScore": 4,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
]
}

79
2024/20xxx/CVE-2024-20848.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20848",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bound Write vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12, 13, 14"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseSeverity": "MEDIUM",
"baseScore": 5.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
}
]
}

79
2024/20xxx/CVE-2024-20849.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20849",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "SMR Apr-2024 Release in Android 12, 13, 14"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"
}
]
}

79
2024/20xxx/CVE-2024-20850.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "mobile.security@samsung.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-927: Use of Implicit Intent for Sensitive Communication"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Samsung Mobile",
"product": {
"product_data": [
{
"product_name": "Samsung Pay",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "5.4.99"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=04",
"refsource": "MISC",
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=04"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseSeverity": "MEDIUM",
"baseScore": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
]
}

66
2024/22xxx/CVE-2024-22780.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22780",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-22780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://ca17.com",
"refsource": "MISC",
"name": "http://ca17.com"
},
{
"url": "https://github.com/CA17/TeamsACS",
"refsource": "MISC",
"name": "https://github.com/CA17/TeamsACS"
},
{
"refsource": "MISC",
"name": "https://fuo.fi/CVE-2024-22780/",
"url": "https://fuo.fi/CVE-2024-22780/"
}
]
}

4
2024/26xxx/CVE-2024-26588.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "bbfddb904df6f82",
"version_name": "bbfddb904df6",
"version_value": "4631c2dd69d9"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

4
2024/26xxx/CVE-2024-26591.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "f3a95075549e0",
"version_name": "f3a95075549e",
"version_value": "a7b98aa10f89"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-1e70cc10feda"
}
}

5
2024/26xxx/CVE-2024-26651.json
View File

@ -170,6 +170,11 @@
"url": "https://git.kernel.org/stable/c/07161b2416f740a2cb87faa5566873f401440a61",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07161b2416f740a2cb87faa5566873f401440a61"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SI2D7K2T6QCWALKLYEWZ22P4UXMEBCGB/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SI2D7K2T6QCWALKLYEWZ22P4UXMEBCGB/"
}
]
},

56
2024/29xxx/CVE-2024-29514.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29514",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-29514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zzq66/cve6/",
"refsource": "MISC",
"name": "https://github.com/zzq66/cve6/"
}
]
}

80
2024/29xxx/CVE-2024-29947.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29947",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hsrc@hikvision.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hikvision",
"product": {
"product_data": [
{
"product_name": "DS-7604NI-K1 / 4P(B)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "V4.30.096build221220 and the versions prior to it"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/",
"refsource": "MISC",
"name": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
]
},
"generator": {
"engine": "cveClient/1.0.15"
},
"credits": [
{
"lang": "en",
"value": "KITRI BoB 12th"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"
}
]
}

88
2024/29xxx/CVE-2024-29948.json
View File

@ -1,17 +1,97 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hsrc@hikvision.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hikvision",
"product": {
"product_data": [
{
"product_name": "DS-7604NXI-K1/4P",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "V4.76.005 build231012 and the versions prior to it",
"status": "affected"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/",
"refsource": "MISC",
"name": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
]
},
"generator": {
"engine": "cveClient/1.0.15"
},
"credits": [
{
"lang": "en",
"value": "KITRI BoB 12th"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L"
}
]
}

209
2024/29xxx/CVE-2024-29949.json
View File

@ -1,17 +1,218 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-29949",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hsrc@hikvision.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hikvision",
"product": {
"product_data": [
{
"product_name": "DS-7604NI-K1 / 4P(B)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "V4.30.096build221220 and the versions prior to it"
}
]
}
},
{
"product_name": "DS-76xxNI-Mx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-77xxNI-Mx",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09",
"status": "affected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "DS-96xxxNI-Mxx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-76xxNXI-Ix",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-77xxNXI-Ix",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-86xxNXI-Ix",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-96xxNXI-Ix",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "iDS-76xxNXI-Mx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "iDS-77xxNXI-Mx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "iDS-96xxxMXI-Mxx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
}
},
{
"product_name": "DS-7604NI-M1/4P",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions after V5.00.000 (including V5.00.000) and before V5.01.070\uff08not including V5.01.070\uff09"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/",
"refsource": "MISC",
"name": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
]
},
"generator": {
"engine": "cveClient/1.0.15"
},
"credits": [
{
"lang": "en",
"value": "KITRI BoB 12th"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
]
}

105
2024/2xxx/CVE-2024-2389.json
View File

@ -1,17 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2389",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@progress.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.\u00a0 An unauthenticated user\u00a0can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Progress Software",
"product": {
"product_data": [
{
"product_name": "Flowmon",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "11.1.14",
"status": "affected",
"version": "11.X",
"versionType": "semver"
},
{
"lessThan": "12.3.5",
"status": "affected",
"version": "12.X",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.flowmon.com",
"refsource": "MISC",
"name": "https://www.flowmon.com"
},
{
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability",
"refsource": "MISC",
"name": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Rhino Security Labs - David Yesland"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

56
2024/30xxx/CVE-2024-30620.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30620",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-30620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md",
"refsource": "MISC",
"name": "https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md"
}
]
}

56
2024/30xxx/CVE-2024-30621.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-30621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdvSetMacMtuWan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md",
"refsource": "MISC",
"name": "https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md"
}
]
}

56
2024/30xxx/CVE-2024-30946.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30946",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-30946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/testgo1safe/cms/blob/main/1.md",
"refsource": "MISC",
"name": "https://github.com/testgo1safe/cms/blob/main/1.md"
}
]
}

61
2024/30xxx/CVE-2024-30965.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-30965",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-30965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Fishkey1/cms/tree/main",
"refsource": "MISC",
"name": "https://github.com/Fishkey1/cms/tree/main"
},
{
"refsource": "MISC",
"name": "https://github.com/Fishkey1/cms/commit/e9d294951ab2dd85709f1d12ad4747f25d326b1b",
"url": "https://github.com/Fishkey1/cms/commit/e9d294951ab2dd85709f1d12ad4747f25d326b1b"
}
]
}

77
2024/3xxx/CVE-2024-3137.json
View File

@ -1,17 +1,86 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@huntr.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Privilege Management in uvdesk/community-skeleton"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "uvdesk",
"product": {
"product_data": [
{
"product_name": "uvdesk/community-skeleton",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "latest"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.com/bounties/faf74783-644c-40cd-aa98-2239e5fafcd1",
"refsource": "MISC",
"name": "https://huntr.com/bounties/faf74783-644c-40cd-aa98-2239e5fafcd1"
}
]
},
"source": {
"advisory": "faf74783-644c-40cd-aa98-2239e5fafcd1",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH"
}
]
}

111
2024/3xxx/CVE-2024-3142.json
View File

@ -1,17 +1,120 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3142",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Clavister E10 and E80 up to 20240323 and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258917 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in Clavister E10 and E80 bis 20240323 gefunden. Dies betrifft einen unbekannten Teil der Komponente Setting Handler. Durch Beeinflussen mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Clavister",
"product": {
"product_data": [
{
"product_name": "E10",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240323"
}
]
}
},
{
"product_name": "E80",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240323"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258917",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258917"
},
{
"url": "https://vuldb.com/?ctiid.258917",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258917"
},
{
"url": "https://vuldb.com/?submit.303530",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303530"
},
{
"url": "https://github.com/strik3r0x1/Vulns/blob/main/CSRF_Clavister-E80,E10.md",
"refsource": "MISC",
"name": "https://github.com/strik3r0x1/Vulns/blob/main/CSRF_Clavister-E80,E10.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Strik3r (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3143.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/member_rank.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258918 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in DedeCMS 5.7 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /src/dede/member_rank.php. Dank der Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258918",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258918"
},
{
"url": "https://vuldb.com/?ctiid.258918",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258918"
},
{
"url": "https://vuldb.com/?submit.303432",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303432"
},
{
"url": "https://github.com/E1CHO/demo/blob/main/39.pdf",
"refsource": "MISC",
"name": "https://github.com/E1CHO/demo/blob/main/39.pdf"
}
]
},
"credits": [
{
"lang": "en",
"value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3144.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/makehtml_spec.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "In DedeCMS 5.7 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /src/dede/makehtml_spec.php. Dank Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258919",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258919"
},
{
"url": "https://vuldb.com/?ctiid.258919",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258919"
},
{
"url": "https://vuldb.com/?submit.303954",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303954"
},
{
"url": "https://github.com/Hckwzh/cms/blob/main/12.md",
"refsource": "MISC",
"name": "https://github.com/Hckwzh/cms/blob/main/12.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "urkc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3145.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/makehtml_js_action.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258920. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in DedeCMS 5.7 ausgemacht. Davon betroffen ist unbekannter Code der Datei /src/dede/makehtml_js_action.php. Mit der Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258920",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258920"
},
{
"url": "https://vuldb.com/?ctiid.258920",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258920"
},
{
"url": "https://vuldb.com/?submit.303955",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303955"
},
{
"url": "https://github.com/Hckwzh/cms/blob/main/13.md",
"refsource": "MISC",
"name": "https://github.com/Hckwzh/cms/blob/main/13.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "urkc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3146.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtml_rss_action.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258921 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in DedeCMS 5.7 entdeckt. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei /src/dede/makehtml_rss_action.php. Durch die Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258921",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258921"
},
{
"url": "https://vuldb.com/?ctiid.258921",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258921"
},
{
"url": "https://vuldb.com/?submit.303956",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303956"
},
{
"url": "https://github.com/Hckwzh/cms/blob/main/14.md",
"refsource": "MISC",
"name": "https://github.com/Hckwzh/cms/blob/main/14.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "urkc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3147.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3147",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/makehtml_map.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-258922 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "In DedeCMS 5.7 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /src/dede/makehtml_map.php. Durch Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258922",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258922"
},
{
"url": "https://vuldb.com/?ctiid.258922",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258922"
},
{
"url": "https://vuldb.com/?submit.303957",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303957"
},
{
"url": "https://github.com/Hckwzh/cms/blob/main/15.md",
"refsource": "MISC",
"name": "https://github.com/Hckwzh/cms/blob/main/15.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "urkc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

100
2024/3xxx/CVE-2024-3148.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3148",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112. This issue affects some unknown processing of the file dede/makehtml_archives_action.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258923. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in DedeCMS 5.7.112 entdeckt. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei dede/makehtml_archives_action.php. Mittels dem Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "DedeCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7.112"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258923",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258923"
},
{
"url": "https://vuldb.com/?ctiid.258923",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258923"
},
{
"url": "https://vuldb.com/?submit.303889",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303889"
},
{
"url": "https://github.com/gatsby2003/DedeCms/blob/main/DedeCms%20sql%20time-based%20blind%20injection.md",
"refsource": "MISC",
"name": "https://github.com/gatsby2003/DedeCms/blob/main/DedeCms%20sql%20time-based%20blind%20injection.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "gatsby (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

155
2024/3xxx/CVE-2024-3160.json
View File

@ -1,17 +1,164 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3160",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** DISPUTED ** ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 and HDCVI 1016 up to 20240401. This affects an unknown part of the file /cap.js of the component HTTP GET Request Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier VDB-258933 was assigned to this vulnerability. NOTE: The vendor explains that they do not classify the information shown as sensitive and therefore there is no vulnerability which is about to harm the user."
},
{
"lang": "deu",
"value": "** DISPUTED ** Es wurde eine problematische Schwachstelle in Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 and HDCVI 1016 bis 20240401 gefunden. Dabei betrifft es einen unbekannter Codeteil der Datei /cap.js der Komponente HTTP GET Request Handler. Durch Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Die wahre Existenz der vermeintlichen Schwachstelle wird zur Zeit in Frage gestellt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Disclosure",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intelbras",
"product": {
"product_data": [
{
"product_name": "MHDX 1004",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
},
{
"product_name": "MHDX 1008",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
},
{
"product_name": "MHDX 1016",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
},
{
"product_name": "MHDX 5016",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
},
{
"product_name": "HDCVI 1008",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
},
{
"product_name": "HDCVI 1016",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20240401"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.258933",
"refsource": "MISC",
"name": "https://vuldb.com/?id.258933"
},
{
"url": "https://vuldb.com/?ctiid.258933",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.258933"
},
{
"url": "https://vuldb.com/?submit.305410",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.305410"
},
{
"url": "https://github.com/netsecfish/intelbras_cap_js",
"refsource": "MISC",
"name": "https://github.com/netsecfish/intelbras_cap_js"
}
]
},
"credits": [
{
"lang": "en",
"value": "netsecfish (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

18
2024/3xxx/CVE-2024-3184.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3185.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3186.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3187.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3188.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3188",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3189.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3189",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3190.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3190",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3191.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3191",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3192.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3192",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3193.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3194.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3195.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3196.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}