From e427e92066f99ecf28ba1d33cd220690ad45c4dc Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 28 May 2024 18:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/3xxx/CVE-2022-3205.json | 14 +-------- 2024/33xxx/CVE-2024-33402.json | 56 ++++++++++++++++++++++++++++++---- 2024/33xxx/CVE-2024-33403.json | 5 +++ 2024/35xxx/CVE-2024-35342.json | 2 +- 2024/35xxx/CVE-2024-35344.json | 56 ++++++++++++++++++++++++++++++---- 2024/35xxx/CVE-2024-35374.json | 2 +- 2024/5xxx/CVE-2024-5439.json | 18 +++++++++++ 7 files changed, 126 insertions(+), 27 deletions(-) create mode 100644 2024/5xxx/CVE-2024-5439.json diff --git a/2022/3xxx/CVE-2022-3205.json b/2022/3xxx/CVE-2022-3205.json index 2ea125eb412..76f5f28b283 100644 --- a/2022/3xxx/CVE-2022-3205.json +++ b/2022/3xxx/CVE-2022-3205.json @@ -42,12 +42,6 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "versions": [ - { - "version": "1.2", - "status": "affected" - } - ], "defaultStatus": "affected" } } @@ -55,18 +49,12 @@ } }, { - "product_name": "Red Hat Ansible Automation Platform 2.0", + "product_name": "Red Hat Ansible Automation Platform 2", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "versions": [ - { - "version": "2.0", - "status": "affected" - } - ], "defaultStatus": "affected" } } diff --git a/2024/33xxx/CVE-2024-33402.json b/2024/33xxx/CVE-2024-33402.json index 19a70b09341..d87922c7968 100644 --- a/2024/33xxx/CVE-2024-33402.json +++ b/2024/33xxx/CVE-2024-33402.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-33402", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-33402", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%204.pdf", + "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%204.pdf" } ] } diff --git a/2024/33xxx/CVE-2024-33403.json b/2024/33xxx/CVE-2024-33403.json index f1ed9d549c6..0073ff118b0 100644 --- a/2024/33xxx/CVE-2024-33403.json +++ b/2024/33xxx/CVE-2024-33403.json @@ -56,6 +56,11 @@ "refsource": "CONFIRM", "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%202.pdf", "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%202.pdf" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2010.pdf", + "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2010.pdf" } ] } diff --git a/2024/35xxx/CVE-2024-35342.json b/2024/35xxx/CVE-2024-35342.json index 316c0078161..6bbd723f779 100644 --- a/2024/35xxx/CVE-2024-35342.json +++ b/2024/35xxx/CVE-2024-35342.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Certain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects IPC-D250, IPC-D260, IPC-B850 IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera." + "value": "Certain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera." } ] }, diff --git a/2024/35xxx/CVE-2024-35344.json b/2024/35xxx/CVE-2024-35344.json index f5ec2df24c2..394cb6d0707 100644 --- a/2024/35xxx/CVE-2024-35344.json +++ b/2024/35xxx/CVE-2024-35344.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-35344", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-35344", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain Anpviz products contain a hardcoded cryptographic key stored in the firmware of the device. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://willgu.es/pages/anpviz-ip-camera-vuln.html", + "refsource": "MISC", + "name": "https://willgu.es/pages/anpviz-ip-camera-vuln.html" } ] } diff --git a/2024/35xxx/CVE-2024-35374.json b/2024/35xxx/CVE-2024-35374.json index b689483a736..dd3f39a2545 100644 --- a/2024/35xxx/CVE-2024-35374.json +++ b/2024/35xxx/CVE-2024-35374.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution (RCE) under certain conditions." + "value": "Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions." } ] }, diff --git a/2024/5xxx/CVE-2024-5439.json b/2024/5xxx/CVE-2024-5439.json new file mode 100644 index 00000000000..72b04bee1ff --- /dev/null +++ b/2024/5xxx/CVE-2024-5439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-5439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file