diff --git a/2024/1xxx/CVE-2024-1023.json b/2024/1xxx/CVE-2024-1023.json index b634ee36d79..9def72a4315 100644 --- a/2024/1xxx/CVE-2024-1023.json +++ b/2024/1xxx/CVE-2024-1023.json @@ -139,6 +139,27 @@ ] } }, + { + "product_name": "MTA-6.2-RHEL-9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "6.2.3-2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat AMQ Streams 2.7.0", "version": { @@ -199,19 +220,6 @@ ] } }, - { - "product_name": "Migration Toolkit for Applications 6", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - }, { "product_name": "Migration Toolkit for Runtimes", "version": { @@ -466,6 +474,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:3527" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3989", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:3989" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1023", "refsource": "MISC", diff --git a/2024/1xxx/CVE-2024-1132.json b/2024/1xxx/CVE-2024-1132.json index 0002dfda331..4f82ea6a0c7 100644 --- a/2024/1xxx/CVE-2024-1132.json +++ b/2024/1xxx/CVE-2024-1132.json @@ -98,6 +98,27 @@ ] } }, + { + "product_name": "MTA-6.2-RHEL-9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "6.2.3-2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat build of Keycloak 22", "version": { @@ -282,19 +303,6 @@ ] } }, - { - "product_name": "Migration Toolkit for Applications 6", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - }, { "product_name": "Red Hat build of Quarkus", "version": { @@ -475,6 +483,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:3919" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3989", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:3989" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1132", "refsource": "MISC", diff --git a/2024/1xxx/CVE-2024-1300.json b/2024/1xxx/CVE-2024-1300.json index 84c3ad7ed9d..c45f6d4319f 100644 --- a/2024/1xxx/CVE-2024-1300.json +++ b/2024/1xxx/CVE-2024-1300.json @@ -202,6 +202,27 @@ ] } }, + { + "product_name": "MTA-6.2-RHEL-9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "6.2.3-2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat AMQ Streams 2.7.0", "version": { @@ -262,19 +283,6 @@ ] } }, - { - "product_name": "Migration Toolkit for Applications 6", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - }, { "product_name": "OpenShift Serverless", "version": { @@ -521,6 +529,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:3527" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3989", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:3989" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1300", "refsource": "MISC", diff --git a/2024/4xxx/CVE-2024-4565.json b/2024/4xxx/CVE-2024-4565.json index 4c12142598d..0da07569cf6 100644 --- a/2024/4xxx/CVE-2024-4565.json +++ b/2024/4xxx/CVE-2024-4565.json @@ -1,18 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4565", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field values for any post via shortcode without checking for the correct access" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Advanced Custom Fields (ACF)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "6.3" + } + ] + } + }, + { + "product_name": "Advanced Custom Fields Pro", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "6.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Scott Kingsley Clark" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5475.json b/2024/5xxx/CVE-2024-5475.json index a7b5604b507..c8c5c8aeac4 100644 --- a/2024/5xxx/CVE-2024-5475.json +++ b/2024/5xxx/CVE-2024-5475.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5475", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Responsive video embed WordPress plugin before 0.5.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Responsive video embed", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "0.5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/cee66543-b5d6-4205-8f9b-0febd7fee445/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/cee66543-b5d6-4205-8f9b-0febd7fee445/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Felipe Caon" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5522.json b/2024/5xxx/CVE-2024-5522.json index 4cd4f58320a..a3dbe1c8cb7 100644 --- a/2024/5xxx/CVE-2024-5522.json +++ b/2024/5xxx/CVE-2024-5522.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "HTML5 Video Player ", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.5.27" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Mayank Deshmukh" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6113.json b/2024/6xxx/CVE-2024-6113.json index 6a032b7050c..34ca0cfdad3 100644 --- a/2024/6xxx/CVE-2024-6113.json +++ b/2024/6xxx/CVE-2024-6113.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6113", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The identifier VDB-268865 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in itsourcecode Monbela Tourist Inn Online Reservation System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei login.php. Durch die Manipulation des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "itsourcecode", + "product": { + "product_data": [ + { + "product_name": "Monbela Tourist Inn Online Reservation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.268865", + "refsource": "MISC", + "name": "https://vuldb.com/?id.268865" + }, + { + "url": "https://vuldb.com/?ctiid.268865", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.268865" + }, + { + "url": "https://vuldb.com/?submit.358991", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.358991" + }, + { + "url": "https://github.com/wangyuan-ui/CVE/issues/3", + "refsource": "MISC", + "name": "https://github.com/wangyuan-ui/CVE/issues/3" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "wangyuan-ui (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2024/6xxx/CVE-2024-6181.json b/2024/6xxx/CVE-2024-6181.json new file mode 100644 index 00000000000..6b5bf82bb94 --- /dev/null +++ b/2024/6xxx/CVE-2024-6181.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6181", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6182.json b/2024/6xxx/CVE-2024-6182.json new file mode 100644 index 00000000000..0156501829f --- /dev/null +++ b/2024/6xxx/CVE-2024-6182.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6182", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6183.json b/2024/6xxx/CVE-2024-6183.json new file mode 100644 index 00000000000..7aecdaf320e --- /dev/null +++ b/2024/6xxx/CVE-2024-6183.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6183", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6184.json b/2024/6xxx/CVE-2024-6184.json new file mode 100644 index 00000000000..bc9f86fd1e2 --- /dev/null +++ b/2024/6xxx/CVE-2024-6184.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6184", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6185.json b/2024/6xxx/CVE-2024-6185.json new file mode 100644 index 00000000000..3d2b7cee108 --- /dev/null +++ b/2024/6xxx/CVE-2024-6185.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6185", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6186.json b/2024/6xxx/CVE-2024-6186.json new file mode 100644 index 00000000000..0bbb5fcc610 --- /dev/null +++ b/2024/6xxx/CVE-2024-6186.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6186", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6187.json b/2024/6xxx/CVE-2024-6187.json new file mode 100644 index 00000000000..4e870c7146f --- /dev/null +++ b/2024/6xxx/CVE-2024-6187.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6187", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6188.json b/2024/6xxx/CVE-2024-6188.json new file mode 100644 index 00000000000..0f55565e6e9 --- /dev/null +++ b/2024/6xxx/CVE-2024-6188.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6188", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6189.json b/2024/6xxx/CVE-2024-6189.json new file mode 100644 index 00000000000..e08c4529188 --- /dev/null +++ b/2024/6xxx/CVE-2024-6189.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6189", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6190.json b/2024/6xxx/CVE-2024-6190.json new file mode 100644 index 00000000000..8aee59c8ff8 --- /dev/null +++ b/2024/6xxx/CVE-2024-6190.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-6190", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file