From f0b78d12ebfa1b79a8a09cc4709fe21e22a5a003 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 20 Nov 2024 00:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/9xxx/CVE-2018-9467.json | 87 +++++++++++++++++++++++--- 2024/44xxx/CVE-2024-44306.json | 54 ++++++++++++++-- 2024/44xxx/CVE-2024-44307.json | 54 ++++++++++++++-- 2024/44xxx/CVE-2024-44308.json | 110 +++++++++++++++++++++++++++++++-- 2024/44xxx/CVE-2024-44309.json | 110 +++++++++++++++++++++++++++++++-- 5 files changed, 391 insertions(+), 24 deletions(-) diff --git a/2018/9xxx/CVE-2018-9467.json b/2018/9xxx/CVE-2018-9467.json index 40da30dedf4..d5f501bcfac 100644 --- a/2018/9xxx/CVE-2018-9467.json +++ b/2018/9xxx/CVE-2018-9467.json @@ -1,18 +1,89 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-9467", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2018-9467", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7" + }, + { + "version_affected": "=", + "version_value": "8" + }, + { + "version_affected": "=", + "version_value": "8.1" + }, + { + "version_affected": "=", + "version_value": "9" + }, + { + "version_affected": "=", + "version_value": "nyc-mr1-dev" + }, + { + "version_affected": "=", + "version_value": "nyc-mr2-dev" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://source.android.com/security/bulletin/2018-09-01", + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2018-09-01" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/44xxx/CVE-2024-44306.json b/2024/44xxx/CVE-2024-44306.json index cd5d874d73b..91faff77ff4 100644 --- a/2024/44xxx/CVE-2024-44306.json +++ b/2024/44xxx/CVE-2024-44306.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-44306", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/120911", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/120911" } ] } diff --git a/2024/44xxx/CVE-2024-44307.json b/2024/44xxx/CVE-2024-44307.json index 610fa1e439c..968de22a2f6 100644 --- a/2024/44xxx/CVE-2024-44307.json +++ b/2024/44xxx/CVE-2024-44307.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-44307", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/120911", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/120911" } ] } diff --git a/2024/44xxx/CVE-2024-44308.json b/2024/44xxx/CVE-2024-44308.json index b81e7e092aa..1ebe74c563a 100644 --- a/2024/44xxx/CVE-2024-44308.json +++ b/2024/44xxx/CVE-2024-44308.json @@ -1,17 +1,119 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-44308", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems." + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.1" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121756", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121756" + }, + { + "url": "https://support.apple.com/en-us/121753", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121753" + }, + { + "url": "https://support.apple.com/en-us/121752", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121752" + }, + { + "url": "https://support.apple.com/en-us/121755", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121755" + }, + { + "url": "https://support.apple.com/en-us/121754", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121754" } ] } diff --git a/2024/44xxx/CVE-2024-44309.json b/2024/44xxx/CVE-2024-44309.json index e2026175273..e9f031762b6 100644 --- a/2024/44xxx/CVE-2024-44309.json +++ b/2024/44xxx/CVE-2024-44309.json @@ -1,17 +1,119 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-44309", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems." + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.1" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121756", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121756" + }, + { + "url": "https://support.apple.com/en-us/121753", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121753" + }, + { + "url": "https://support.apple.com/en-us/121752", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121752" + }, + { + "url": "https://support.apple.com/en-us/121755", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121755" + }, + { + "url": "https://support.apple.com/en-us/121754", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121754" } ] }