diff --git a/2024/10xxx/CVE-2024-10694.json b/2024/10xxx/CVE-2024-10694.json index c0c2f01167c..6e7aa20f704 100644 --- a/2024/10xxx/CVE-2024-10694.json +++ b/2024/10xxx/CVE-2024-10694.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10694", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9542. Reason: This candidate is a reservation duplicate of CVE-2024-9542. Notes: All CVE users should reference CVE-2024-9542 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2024/11xxx/CVE-2024-11093.json b/2024/11xxx/CVE-2024-11093.json new file mode 100644 index 00000000000..3cbac5f489b --- /dev/null +++ b/2024/11xxx/CVE-2024-11093.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11093", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11094.json b/2024/11xxx/CVE-2024-11094.json new file mode 100644 index 00000000000..6221fe25696 --- /dev/null +++ b/2024/11xxx/CVE-2024-11094.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11094", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11095.json b/2024/11xxx/CVE-2024-11095.json new file mode 100644 index 00000000000..e03af820080 --- /dev/null +++ b/2024/11xxx/CVE-2024-11095.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11095", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11096.json b/2024/11xxx/CVE-2024-11096.json new file mode 100644 index 00000000000..7ccf0f59170 --- /dev/null +++ b/2024/11xxx/CVE-2024-11096.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11096", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11097.json b/2024/11xxx/CVE-2024-11097.json new file mode 100644 index 00000000000..40b046f65db --- /dev/null +++ b/2024/11xxx/CVE-2024-11097.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11097", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11098.json b/2024/11xxx/CVE-2024-11098.json new file mode 100644 index 00000000000..65314f9eae8 --- /dev/null +++ b/2024/11xxx/CVE-2024-11098.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11098", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11099.json b/2024/11xxx/CVE-2024-11099.json new file mode 100644 index 00000000000..d27865b51fc --- /dev/null +++ b/2024/11xxx/CVE-2024-11099.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11099", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11100.json b/2024/11xxx/CVE-2024-11100.json new file mode 100644 index 00000000000..97af957feef --- /dev/null +++ b/2024/11xxx/CVE-2024-11100.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11100", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11101.json b/2024/11xxx/CVE-2024-11101.json new file mode 100644 index 00000000000..2fc0f845482 --- /dev/null +++ b/2024/11xxx/CVE-2024-11101.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11101", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11102.json b/2024/11xxx/CVE-2024-11102.json new file mode 100644 index 00000000000..df8cbb2fa15 --- /dev/null +++ b/2024/11xxx/CVE-2024-11102.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11102", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11103.json b/2024/11xxx/CVE-2024-11103.json new file mode 100644 index 00000000000..3cabec8fa9f --- /dev/null +++ b/2024/11xxx/CVE-2024-11103.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11103", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11104.json b/2024/11xxx/CVE-2024-11104.json new file mode 100644 index 00000000000..7b04f3c9fe2 --- /dev/null +++ b/2024/11xxx/CVE-2024-11104.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11104", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/39xxx/CVE-2024-39924.json b/2024/39xxx/CVE-2024-39924.json index f5174278e88..b4f9da03fc2 100644 --- a/2024/39xxx/CVE-2024-39924.json +++ b/2024/39xxx/CVE-2024-39924.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0", "url": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0" + }, + { + "refsource": "MISC", + "name": "https://www.mgm-sp.com/cve/missing-authentication-check-for-emergency-access", + "url": "https://www.mgm-sp.com/cve/missing-authentication-check-for-emergency-access" } ] } diff --git a/2024/39xxx/CVE-2024-39925.json b/2024/39xxx/CVE-2024-39925.json index c4be453f122..bcf328c4420 100644 --- a/2024/39xxx/CVE-2024-39925.json +++ b/2024/39xxx/CVE-2024-39925.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0", "url": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0" + }, + { + "refsource": "MISC", + "name": "https://www.mgm-sp.com/cve/missing-rotation-of-the-organization-key", + "url": "https://www.mgm-sp.com/cve/missing-rotation-of-the-organization-key" } ] } diff --git a/2024/39xxx/CVE-2024-39926.json b/2024/39xxx/CVE-2024-39926.json index 66d006e4083..5f939473a42 100644 --- a/2024/39xxx/CVE-2024-39926.json +++ b/2024/39xxx/CVE-2024-39926.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0", "url": "https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0" + }, + { + "refsource": "MISC", + "name": "https://www.mgm-sp.com/cve/html-injection-in-vaultwarden", + "url": "https://www.mgm-sp.com/cve/html-injection-in-vaultwarden" } ] } diff --git a/2024/44xxx/CVE-2024-44546.json b/2024/44xxx/CVE-2024-44546.json index 8515136fa5c..7af7dac5809 100644 --- a/2024/44xxx/CVE-2024-44546.json +++ b/2024/44xxx/CVE-2024-44546.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-44546", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-44546", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/PowerJob/PowerJob", + "refsource": "MISC", + "name": "https://github.com/PowerJob/PowerJob" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/jwx0539/5151f53ec497474cab6af4fa8ee6b6f7", + "url": "https://gist.github.com/jwx0539/5151f53ec497474cab6af4fa8ee6b6f7" } ] } diff --git a/2024/46xxx/CVE-2024-46962.json b/2024/46xxx/CVE-2024-46962.json index 0ffaf9dc0a1..3e8ddeb8874 100644 --- a/2024/46xxx/CVE-2024-46962.json +++ b/2024/46xxx/CVE-2024-46962.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46962", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46962", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.video.fast.SpeedMainAct component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://play.google.com/store/apps/details?id=com.downloader.video.fast", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=com.downloader.video.fast" + }, + { + "refsource": "MISC", + "name": "https://github.com/actuator/com.downloader.video.fast/blob/main/CVE-2024-46962", + "url": "https://github.com/actuator/com.downloader.video.fast/blob/main/CVE-2024-46962" } ] } diff --git a/2024/46xxx/CVE-2024-46963.json b/2024/46xxx/CVE-2024-46963.json index f16ea79ac00..c468b1a2c94 100644 --- a/2024/46xxx/CVE-2024-46963.json +++ b/2024/46xxx/CVE-2024-46963.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46963", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46963", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacker to execute arbitrary JavaScript code via the com.bluesky.browser.ui.BrowserMainActivity component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://play.google.com/store/apps/details?id=com.superfast.video.downloader", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=com.superfast.video.downloader" + }, + { + "refsource": "MISC", + "name": "https://github.com/actuator/com.superfast.video.downloader/blob/main/CVE-2024-46963", + "url": "https://github.com/actuator/com.superfast.video.downloader/blob/main/CVE-2024-46963" } ] } diff --git a/2024/46xxx/CVE-2024-46964.json b/2024/46xxx/CVE-2024-46964.json index 5ff29c99991..0e69146351c 100644 --- a/2024/46xxx/CVE-2024-46964.json +++ b/2024/46xxx/CVE-2024-46964.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46964", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46964", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScript code via the com.video.downloader.all.StartActivity component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://play.google.com/store/apps/details?id=com.video.downloader.all", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=com.video.downloader.all" + }, + { + "refsource": "MISC", + "name": "https://github.com/actuator/com.video.downloader.all/blob/main/CVE-2024-46964", + "url": "https://github.com/actuator/com.video.downloader.all/blob/main/CVE-2024-46964" } ] } diff --git a/2024/46xxx/CVE-2024-46965.json b/2024/46xxx/CVE-2024-46965.json index 16bc8468eaa..6adc8a08090 100644 --- a/2024/46xxx/CVE-2024-46965.json +++ b/2024/46xxx/CVE-2024-46965.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46965", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46965", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.browser.DefaultBrowserActivity component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://play.google.com/store/apps/details?id=allvideo.downloader.browser", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=allvideo.downloader.browser" + }, + { + "refsource": "MISC", + "name": "https://github.com/actuator/allvideo.downloader.browser/blob/main/CVE-2024-46965", + "url": "https://github.com/actuator/allvideo.downloader.browser/blob/main/CVE-2024-46965" } ] } diff --git a/2024/46xxx/CVE-2024-46966.json b/2024/46xxx/CVE-2024-46966.json index 90e19166da2..dea61e12dc0 100644 --- a/2024/46xxx/CVE-2024-46966.json +++ b/2024/46xxx/CVE-2024-46966.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-46966", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-46966", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://play.google.com/store/apps/details?id=mn.ikhgur.khotoch", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=mn.ikhgur.khotoch" + }, + { + "refsource": "MISC", + "name": "https://github.com/actuator/mn.ikhgur.khotoch/blob/main/CVE-2024-46966", + "url": "https://github.com/actuator/mn.ikhgur.khotoch/blob/main/CVE-2024-46966" } ] } diff --git a/2024/51xxx/CVE-2024-51026.json b/2024/51xxx/CVE-2024-51026.json index cc471bf7297..0340c32d87b 100644 --- a/2024/51xxx/CVE-2024-51026.json +++ b/2024/51xxx/CVE-2024-51026.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-51026", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-51026", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/BrotherOfJhonny/CVE-2024-51026_Overview", + "url": "https://github.com/BrotherOfJhonny/CVE-2024-51026_Overview" } ] } diff --git a/2024/51xxx/CVE-2024-51188.json b/2024/51xxx/CVE-2024-51188.json index b4cddd6708e..8e5df76bfa9 100644 --- a/2024/51xxx/CVE-2024-51188.json +++ b/2024/51xxx/CVE-2024-51188.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-51188", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-51188", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU", + "refsource": "MISC", + "name": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR", + "refsource": "MISC", + "name": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP", + "refsource": "MISC", + "name": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP" + }, + { + "refsource": "MISC", + "name": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Virtual_Server/README.md", + "url": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Virtual_Server/README.md" } ] }