diff --git a/2024/46xxx/CVE-2024-46085.json b/2024/46xxx/CVE-2024-46085.json index cbea790bdf6..f6bfee84ee2 100644 --- a/2024/46xxx/CVE-2024-46085.json +++ b/2024/46xxx/CVE-2024-46085.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46085", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46085", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/rename" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/RainingSEC/cms/tree/main/11/readme.md", + "refsource": "MISC", + "name": "https://github.com/RainingSEC/cms/tree/main/11/readme.md" } ] } diff --git a/2024/46xxx/CVE-2024-46362.json b/2024/46xxx/CVE-2024-46362.json index c55d6ae708c..a976fa6f8a9 100644 --- a/2024/46xxx/CVE-2024-46362.json +++ b/2024/46xxx/CVE-2024-46362.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46362", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46362", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directory" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ohuquq/cms/tree/main/13/readme.md", + "refsource": "MISC", + "name": "https://github.com/ohuquq/cms/tree/main/13/readme.md" } ] } diff --git a/2024/47xxx/CVE-2024-47046.json b/2024/47xxx/CVE-2024-47046.json new file mode 100644 index 00000000000..e92bf5f72ff --- /dev/null +++ b/2024/47xxx/CVE-2024-47046.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-47046", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/7xxx/CVE-2024-7873.json b/2024/7xxx/CVE-2024-7873.json index a4d45f114bd..f91c04bb889 100644 --- a/2024/7xxx/CVE-2024-7873.json +++ b/2024/7xxx/CVE-2024-7873.json @@ -1,18 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7873", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@usom.gov.tr", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Encoding or Escaping of Output, CWE - 83 Improper Neutralization of Script in Attributes in a Web Page vulnerability in Veribilim Software Veribase Order allows Stored XSS, Cross-Site Scripting (XSS), Exploit Script-Based APIs, XSS Through HTTP Headers.This issue affects Veribase Order: before v4.010.3." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-116 Improper Encoding or Escaping of Output", + "cweId": "CWE-116" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE - 83 Improper Neutralization of Script in Attributes in a Web Page" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Veribilim Software", + "product": { + "product_data": [ + { + "product_name": "Veribase Order", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "v4.010.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1485", + "refsource": "MISC", + "name": "https://www.usom.gov.tr/bildirim/tr-24-1485" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "TR-24-1485", + "defect": [ + "TR-24-1485" + ], + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Tunahan TEKEO\u011eLU" + } + ] } \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8418.json b/2024/8xxx/CVE-2024-8418.json index 39fa5654cd8..4935e51abc8 100644 --- a/2024/8xxx/CVE-2024-8418.json +++ b/2024/8xxx/CVE-2024-8418.json @@ -48,7 +48,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "unaffected" } } ] @@ -67,7 +67,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "unaffected" } } ] @@ -80,7 +80,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "unaffected" } } ] diff --git a/2024/8xxx/CVE-2024-8897.json b/2024/8xxx/CVE-2024-8897.json index f1ee2e566bf..67a6c567605 100644 --- a/2024/8xxx/CVE-2024-8897.json +++ b/2024/8xxx/CVE-2024-8897.json @@ -1,18 +1,75 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8897", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site.\n*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Address bar spoofing after server-side redirect" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox for Android", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "130.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1862537", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1862537" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-45/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2024-45/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Thomas Orlita" + } + ] } \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8944.json b/2024/8xxx/CVE-2024-8944.json new file mode 100644 index 00000000000..286939a6bf5 --- /dev/null +++ b/2024/8xxx/CVE-2024-8944.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8944", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8945.json b/2024/8xxx/CVE-2024-8945.json new file mode 100644 index 00000000000..01647ae0877 --- /dev/null +++ b/2024/8xxx/CVE-2024-8945.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8945", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8946.json b/2024/8xxx/CVE-2024-8946.json new file mode 100644 index 00000000000..f9edbf0b1eb --- /dev/null +++ b/2024/8xxx/CVE-2024-8946.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8946", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8947.json b/2024/8xxx/CVE-2024-8947.json new file mode 100644 index 00000000000..fc00c7e9f41 --- /dev/null +++ b/2024/8xxx/CVE-2024-8947.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8947", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8948.json b/2024/8xxx/CVE-2024-8948.json new file mode 100644 index 00000000000..372d2bfab0e --- /dev/null +++ b/2024/8xxx/CVE-2024-8948.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8948", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8949.json b/2024/8xxx/CVE-2024-8949.json new file mode 100644 index 00000000000..64e92d8bfdc --- /dev/null +++ b/2024/8xxx/CVE-2024-8949.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8949", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file