diff --git a/2023/3xxx/CVE-2023-3078.json b/2023/3xxx/CVE-2023-3078.json
index 1d40b89e8a0..12aeed400c5 100644
--- a/2023/3xxx/CVE-2023-3078.json
+++ b/2023/3xxx/CVE-2023-3078.json
@@ -40,8 +40,9 @@
"version": {
"version_data": [
{
- "version_affected": "=",
- "version_value": "Versions prior to 23.4"
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "23.10"
}
]
}
@@ -74,10 +75,10 @@
{
"base64": false,
"type": "text/html",
- "value": "\n\nUpdate the Universal Device Client to version 23.4 or higher.\n\n"
+ "value": "\n\nUpdate the Universal Device Client to version 23.10 or higher.\n\n"
}
],
- "value": "\nUpdate the Universal Device Client to version 23.4 or higher.\n\n"
+ "value": "\nUpdate the Universal Device Client to version 23.10 or higher.\n\n"
}
],
"credits": [
diff --git a/2023/52xxx/CVE-2023-52140.json b/2023/52xxx/CVE-2023-52140.json
index dbf49119cf5..61605afe05f 100644
--- a/2023/52xxx/CVE-2023-52140.json
+++ b/2023/52xxx/CVE-2023-52140.json
@@ -1,17 +1,17 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52140",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none."
}
]
}
diff --git a/2023/52xxx/CVE-2023-52141.json b/2023/52xxx/CVE-2023-52141.json
index 6d265f0abd1..39b883610e1 100644
--- a/2023/52xxx/CVE-2023-52141.json
+++ b/2023/52xxx/CVE-2023-52141.json
@@ -1,17 +1,17 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52141",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none."
}
]
}
diff --git a/2023/6xxx/CVE-2023-6338.json b/2023/6xxx/CVE-2023-6338.json
index b1551cf7037..3c5d4cd788f 100644
--- a/2023/6xxx/CVE-2023-6338.json
+++ b/2023/6xxx/CVE-2023-6338.json
@@ -1,17 +1,107 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6338",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@lenovo.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-427 Uncontrolled Search Path Element",
+ "cweId": "CWE-427"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Lenovo",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Universal Device Client (UDC)",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": " ",
+ "version_value": "23.10"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://support.lenovo.com/us/en/product_security/LEN-121183",
+ "refsource": "MISC",
+ "name": "https://support.lenovo.com/us/en/product_security/LEN-121183"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Update the Universal Device Client to version 23.10 or higher."
+ }
+ ],
+ "value": "Update the Universal Device Client to version 23.10 or higher."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Lenovo thanks Moritz Rauch for reporting this issue"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/6xxx/CVE-2023-6540.json b/2023/6xxx/CVE-2023-6540.json
index db2d7d98a6f..4201459d8f3 100644
--- a/2023/6xxx/CVE-2023-6540.json
+++ b/2023/6xxx/CVE-2023-6540.json
@@ -1,17 +1,130 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6540",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@lenovo.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
+ "cweId": "CWE-94"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Lenovo",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Lenovo Browser Mobile",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": " ",
+ "version_value": "8.7.1.1"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Lenovo Browser HD",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": " ",
+ "version_value": "2.1.4.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://iknow.lenovo.com.cn/detail/419251",
+ "refsource": "MISC",
+ "name": "https://iknow.lenovo.com.cn/detail/419251"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Update Lenovo Browser Mobile Version to version 8.7.1.1 or later.
"
+ }
+ ],
+ "value": "Update Lenovo Browser Mobile Version to version 8.7.1.1 or later.\n"
+ },
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Update Lenovo Browser HD Edition to version 2.1.4.1 or later."
+ }
+ ],
+ "value": "Update Lenovo Browser HD Edition to version 2.1.4.1 or later."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Lenovo thanks CNVD for reporting this vulnerability"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2024/0xxx/CVE-2024-0229.json b/2024/0xxx/CVE-2024-0229.json
new file mode 100644
index 00000000000..01f4f4ce7dd
--- /dev/null
+++ b/2024/0xxx/CVE-2024-0229.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-0229",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22004.json b/2024/22xxx/CVE-2024-22004.json
new file mode 100644
index 00000000000..4216da70d29
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22004.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22004",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22005.json b/2024/22xxx/CVE-2024-22005.json
new file mode 100644
index 00000000000..50fb3e5da44
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22005.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22005",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22006.json b/2024/22xxx/CVE-2024-22006.json
new file mode 100644
index 00000000000..93373a72fbb
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22006.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22006",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22007.json b/2024/22xxx/CVE-2024-22007.json
new file mode 100644
index 00000000000..89e19f26f25
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22007.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22007",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22008.json b/2024/22xxx/CVE-2024-22008.json
new file mode 100644
index 00000000000..54bce8dad74
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22008.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22008",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22009.json b/2024/22xxx/CVE-2024-22009.json
new file mode 100644
index 00000000000..a1ec5bd4eeb
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22009.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22009",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22010.json b/2024/22xxx/CVE-2024-22010.json
new file mode 100644
index 00000000000..e3e17ae8fa4
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22010.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22010",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22011.json b/2024/22xxx/CVE-2024-22011.json
new file mode 100644
index 00000000000..f2f12af1984
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22011.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22011",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22012.json b/2024/22xxx/CVE-2024-22012.json
new file mode 100644
index 00000000000..ef10f9ac1d1
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22012.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22012",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/22xxx/CVE-2024-22013.json b/2024/22xxx/CVE-2024-22013.json
new file mode 100644
index 00000000000..03c31753dfa
--- /dev/null
+++ b/2024/22xxx/CVE-2024-22013.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-22013",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file