admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-12-17 16:00:59 +00:00
parent 6351550560
commit d1b5b5e152
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
20 changed files with 1762 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
2019/17xxx/CVE-2019-17082.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function vulnerability in OpenText\u2122 AccuRev for LDAP Integration allows Authentication Bypass. The vulnerability could allow\u00a0\n\na valid AccuRev username to gain access to AccuRev source control without knowing the user\u2019s password.\n\nThis issue affects AccuRev for LDAP Integration: 2017.1."
"value": "Insufficiently Protected Credentials vulnerability in OpenText\u2122 AccuRev allows Authentication Bypass. When installed on a Linux or Solaris system\n\nthe vulnerability could allow\u00a0anyone who knows a valid AccuRev username can use the AccuRev client to login and gain access to AccuRev source control without knowing the user\u2019s password.\n\nThis issue affects AccuRev: 2017.1."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-306"
"value": "CWE-522 Insufficiently Protected Credentials",
"cweId": "CWE-522"
}
]
}
@ -36,7 +36,7 @@
"product": {
"product_data": [
{
"product_name": "AccuRev for LDAP Integration",
"product_name": "AccuRev",
"version": {
"version_data": [
{
@ -74,10 +74,10 @@
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.microfocus.com/kb/kmdoc.php?id=KM03544106\">https://support.microfocus.com/kb/kmdoc.php?id=KM03544106</a><br>"
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.microfocus.com/kb/kmdoc.php?id=KM03544106\">KM03544106 - AccuRev for LDAP Integration, version 2017.1, access may be granted without a password - CVE-2019-17082</a>\n\n<br>"
}
],
"value": "https://support.microfocus.com/kb/kmdoc.php?id=KM03544106"
"value": "KM03544106 - AccuRev for LDAP Integration, version 2017.1, access may be granted without a password - CVE-2019-17082 https://support.microfocus.com/kb/kmdoc.php"
}
]
}

193
2024/10xxx/CVE-2024-10476.json
View File

@ -1,17 +1,202 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10476",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@bd.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys\u2122 Informatics\nSolution is only in scope of\nthis vulnerability when\ninstalled on a NUC server. BD Synapsys\u2122\nInformatics Solution installed\non a customer-provided virtual machine or on the BD Kiestra\u2122 SCU hardware is\nnot in scope."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1392 USE OF DEFAULT CREDENTIALS",
"cweId": "CWE-1392"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Becton Dickinson & Co",
"product": {
"product_data": [
{
"product_name": "BD BACTEC\u2122 Blood Culture System",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "7.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "BD COR\u2122 System",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "BD EpiCenter\u2122 Microbiology Data Management System",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "7.45",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "BD MAX\u2122 System",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "BD Phoenix\u2122 M50 Automated Microbiology System",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.70",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "BD Synapsys\u2122 Informatics Solution",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-cybersecurity-vulnerability-bulletin-diagnostic-solutions-products",
"refsource": "MISC",
"name": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-cybersecurity-vulnerability-bulletin-diagnostic-solutions-products"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/11xxx/CVE-2024-11422.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11422",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12178.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12178",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12179.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12179",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage\u00a0this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12191.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12191",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12192.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12192",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12193.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12194.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12197.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12198.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12199.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12200.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12669.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12669",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12670.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12670",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2024/12xxx/CVE-2024-12671.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12671",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "Navisworks Freedom",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Simulate",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
},
{
"product_name": "Navisworks Manage",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"refsource": "MISC",
"name": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

18
2024/12xxx/CVE-2024-12707.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12707",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

38
2024/1xxx/CVE-2024-1394.json
View File

@ -545,7 +545,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.23.4-5.2.rhaos4.12.el8",
"version": "1:1.23.4-5.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -601,7 +601,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.0-2.2.el9",
"version": "0:1.25.0-2.2.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -615,7 +615,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.14.0-5.2.rhaos4.12.el9",
"version": "0:2.14.0-7.1.rhaos4.12.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -643,7 +643,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-2.1.rhaos4.12.el8",
"version": "3:4.2.0-7.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -671,7 +671,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.9.4-3.2.rhaos4.12.el9",
"version": "2:1.9.4-3.2.rhaos4.12.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -692,7 +692,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.29.1-2.2.rhaos4.13.el8",
"version": "1:1.29.1-2.2.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -734,7 +734,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.26.0-4.1.el8",
"version": "0:1.26.0-4.2.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -867,7 +867,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.0-3.1.el8",
"version": "0:1.27.0-3.1.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -909,7 +909,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el9",
"version": "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -923,7 +923,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.3.rhaos4.14.el9",
"version": "3:4.4.1-11.3.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -979,7 +979,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:2.1.7-3.4.rhaos4.14.el8",
"version": "3:2.1.7-3.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1007,7 +1007,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el9",
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1077,7 +1077,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el8",
"version": "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1133,7 +1133,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.4.rhaos4.14.el9",
"version": "3:4.4.1-11.4.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1147,7 +1147,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.2.rhaos4.14.el9",
"version": "4:1.1.12-1.2.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1252,7 +1252,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.28.4-8.rhaos4.15.git24f50b9.el8",
"version": "0:1.28.4-8.rhaos4.15.git24f50b9.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1266,7 +1266,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.28.0-3.1.el9",
"version": "0:1.28.0-3.1.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1294,7 +1294,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9",
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1336,7 +1336,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.1.rhaos4.15.el8",
"version": "4:1.1.12-1.1.rhaos4.15.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"

71
2024/36xxx/CVE-2024-36831.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-36831",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-36831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://www.dlink.com/en",
"refsource": "MISC",
"name": "https://www.dlink.com/en"
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10395",
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10395"
},
{
"url": "https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJWvlBMYN1rtr75vqZqf1v3Eo/edit?usp=sharing",
"refsource": "MISC",
"name": "https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJWvlBMYN1rtr75vqZqf1v3Eo/edit?usp=sharing"
}
]
}

125
2024/53xxx/CVE-2024-53144.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE\n\nThis aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4\n(\"Bluetooth: Always request for user confirmation for Just Works\")\nalways request user confirmation with confirm_hint set since the\nlikes of bluetoothd have dedicated policy around JUST_WORKS method\n(e.g. main.conf:JustWorksRepairing).\n\nCVE: CVE-2024-8805"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ba15a58b179e",
"version_value": "d17c631ba04e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.113",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.55",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.10.14",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.3",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d17c631ba04e960eb6f8728b10d585de20ac4f71",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d17c631ba04e960eb6f8728b10d585de20ac4f71"
},
{
"url": "https://git.kernel.org/stable/c/830c03e58beb70b99349760f822e505ecb4eeb7e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/830c03e58beb70b99349760f822e505ecb4eeb7e"
},
{
"url": "https://git.kernel.org/stable/c/ad7adfb95f64a761e4784381e47bee1a362eb30d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad7adfb95f64a761e4784381e47bee1a362eb30d"
},
{
"url": "https://git.kernel.org/stable/c/5291ff856d2c5177b4fe9c18828312be30213193",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5291ff856d2c5177b4fe9c18828312be30213193"
},
{
"url": "https://git.kernel.org/stable/c/b25e11f978b63cb7857890edb3a698599cddb10e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b25e11f978b63cb7857890edb3a698599cddb10e"
}
]
},
"generator": {
"engine": "bippy-8e903de6a542"
}
}