From ed51ecdd94e694b9016a7d7ae80eb0686db8f6b9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 31 Jan 2025 22:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/53xxx/CVE-2024-53354.json | 56 ++++++++++++++++++++++++++++++---- 2024/53xxx/CVE-2024-53355.json | 56 ++++++++++++++++++++++++++++++---- 2024/53xxx/CVE-2024-53356.json | 56 ++++++++++++++++++++++++++++++---- 2024/53xxx/CVE-2024-53357.json | 56 ++++++++++++++++++++++++++++++---- 2024/55xxx/CVE-2024-55062.json | 56 ++++++++++++++++++++++++++++++---- 2024/57xxx/CVE-2024-57433.json | 56 ++++++++++++++++++++++++++++++---- 2024/57xxx/CVE-2024-57434.json | 56 ++++++++++++++++++++++++++++++---- 2024/57xxx/CVE-2024-57435.json | 56 ++++++++++++++++++++++++++++++---- 2024/57xxx/CVE-2024-57587.json | 56 ++++++++++++++++++++++++++++++---- 2025/0xxx/CVE-2025-0958.json | 18 +++++++++++ 2025/0xxx/CVE-2025-0959.json | 18 +++++++++++ 2025/25xxx/CVE-2025-25039.json | 18 +++++++++++ 2025/25xxx/CVE-2025-25040.json | 18 +++++++++++ 2025/25xxx/CVE-2025-25041.json | 18 +++++++++++ 2025/25xxx/CVE-2025-25042.json | 18 +++++++++++ 2025/25xxx/CVE-2025-25043.json | 18 +++++++++++ 16 files changed, 576 insertions(+), 54 deletions(-) create mode 100644 2025/0xxx/CVE-2025-0958.json create mode 100644 2025/0xxx/CVE-2025-0959.json create mode 100644 2025/25xxx/CVE-2025-25039.json create mode 100644 2025/25xxx/CVE-2025-25040.json create mode 100644 2025/25xxx/CVE-2025-25041.json create mode 100644 2025/25xxx/CVE-2025-25042.json create mode 100644 2025/25xxx/CVE-2025-25043.json diff --git a/2024/53xxx/CVE-2024-53354.json b/2024/53xxx/CVE-2024-53354.json index 68bd447b571..4ae94b8beb5 100644 --- a/2024/53xxx/CVE-2024-53354.json +++ b/2024/53xxx/CVE-2024-53354.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-53354", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-53354", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to SQL Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53354.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53354.md" } ] } diff --git a/2024/53xxx/CVE-2024-53355.json b/2024/53xxx/CVE-2024-53355.json index 78437b4f309..73fcfd91893 100644 --- a/2024/53xxx/CVE-2024-53355.json +++ b/2024/53xxx/CVE-2024-53355.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-53355", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-53355", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to Incorrect Access Control. This vulnerability allows the api to be used to create/modify/delete information about aliases (users) / users (groups) / roles." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53355.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53355.md" } ] } diff --git a/2024/53xxx/CVE-2024-53356.json b/2024/53xxx/CVE-2024-53356.json index 6599205ce43..5145bb80c25 100644 --- a/2024/53xxx/CVE-2024-53356.json +++ b/2024/53xxx/CVE-2024-53356.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-53356", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-53356", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the password token suffers from weak encryption making it possible to brute-force the password token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53356.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53356.md" } ] } diff --git a/2024/53xxx/CVE-2024-53357.json b/2024/53xxx/CVE-2024-53357.json index 0b6a5980a24..7929617bb42 100644 --- a/2024/53xxx/CVE-2024-53357.json +++ b/2024/53xxx/CVE-2024-53357.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-53357", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-53357", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt passwords are not stored securely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53357.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53357.md" } ] } diff --git a/2024/55xxx/CVE-2024-55062.json b/2024/55xxx/CVE-2024-55062.json index aa48486fa4c..66062d53002 100644 --- a/2024/55xxx/CVE-2024-55062.json +++ b/2024/55xxx/CVE-2024-55062.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-55062", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-55062", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-55062.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-55062.md" } ] } diff --git a/2024/57xxx/CVE-2024-57433.json b/2024/57xxx/CVE-2024-57433.json index 50e66fce177..10b22c2e6fa 100644 --- a/2024/57xxx/CVE-2024-57433.json +++ b/2024/57xxx/CVE-2024-57433.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-57433", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-57433", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_logout_failed/mall_tiny_logout_failed.md", + "url": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_logout_failed/mall_tiny_logout_failed.md" } ] } diff --git a/2024/57xxx/CVE-2024-57434.json b/2024/57xxx/CVE-2024-57434.json index 083f9dcc280..36e5b2b2086 100644 --- a/2024/57xxx/CVE-2024-57434.json +++ b/2024/57xxx/CVE-2024-57434.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-57434", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-57434", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md", + "refsource": "MISC", + "name": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md" } ] } diff --git a/2024/57xxx/CVE-2024-57435.json b/2024/57xxx/CVE-2024-57435.json index 38f0b35bbdc..b0b8fcc6b7a 100644 --- a/2024/57xxx/CVE-2024-57435.json +++ b/2024/57xxx/CVE-2024-57435.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-57435", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-57435", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md", + "refsource": "MISC", + "name": "https://github.com/peccc/restful_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md" } ] } diff --git a/2024/57xxx/CVE-2024-57587.json b/2024/57xxx/CVE-2024-57587.json index db876a2123e..e31fc185309 100644 --- a/2024/57xxx/CVE-2024-57587.json +++ b/2024/57xxx/CVE-2024-57587.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-57587", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-57587", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-57587.md", + "url": "https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-57587.md" } ] } diff --git a/2025/0xxx/CVE-2025-0958.json b/2025/0xxx/CVE-2025-0958.json new file mode 100644 index 00000000000..30f9add8616 --- /dev/null +++ b/2025/0xxx/CVE-2025-0958.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0958", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0959.json b/2025/0xxx/CVE-2025-0959.json new file mode 100644 index 00000000000..c2e709db63c --- /dev/null +++ b/2025/0xxx/CVE-2025-0959.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0959", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25039.json b/2025/25xxx/CVE-2025-25039.json new file mode 100644 index 00000000000..7995059d02e --- /dev/null +++ b/2025/25xxx/CVE-2025-25039.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-25039", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25040.json b/2025/25xxx/CVE-2025-25040.json new file mode 100644 index 00000000000..dbb421f1d27 --- /dev/null +++ b/2025/25xxx/CVE-2025-25040.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-25040", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25041.json b/2025/25xxx/CVE-2025-25041.json new file mode 100644 index 00000000000..593350e64f6 --- /dev/null +++ b/2025/25xxx/CVE-2025-25041.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-25041", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25042.json b/2025/25xxx/CVE-2025-25042.json new file mode 100644 index 00000000000..d293dcc75dd --- /dev/null +++ b/2025/25xxx/CVE-2025-25042.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-25042", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25043.json b/2025/25xxx/CVE-2025-25043.json new file mode 100644 index 00000000000..712f035a331 --- /dev/null +++ b/2025/25xxx/CVE-2025-25043.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-25043", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file