diff --git a/2023/27xxx/CVE-2023-27524.json b/2023/27xxx/CVE-2023-27524.json index e6b60156a47..88e2a619bf5 100644 --- a/2023/27xxx/CVE-2023-27524.json +++ b/2023/27xxx/CVE-2023-27524.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config." + "value": "Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\nAll superset installations should always set a unique secure random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and encrypting sensitive information on the database.\nAdd a strong SECRET_KEY to your `superset_config.py` file like:\n\nSECRET_KEY = \n\nAlternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.\n" } ] }, @@ -61,19 +61,19 @@ "name": "https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk" }, { - "url": "http://www.openwall.com/lists/oss-security/2023/04/24/2", + "url": "https://www.openwall.com/lists/oss-security/2023/04/24/2", "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2023/04/24/2" + "name": "https://www.openwall.com/lists/oss-security/2023/04/24/2" }, { - "url": "http://packetstormsecurity.com/files/172522/Apache-Superset-2.0.0-Authentication-Bypass.html", + "url": "https://packetstormsecurity.com/files/172522/Apache-Superset-2.0.0-Authentication-Bypass.html", "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/172522/Apache-Superset-2.0.0-Authentication-Bypass.html" + "name": "https://packetstormsecurity.com/files/172522/Apache-Superset-2.0.0-Authentication-Bypass.html" }, { - "url": "http://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html", + "url": "https://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html", "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html" + "name": "https://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html" } ] }, diff --git a/2023/48xxx/CVE-2023-48383.json b/2023/48xxx/CVE-2023-48383.json index d1d3e8861be..79e433f4820 100644 --- a/2023/48xxx/CVE-2023-48383.json +++ b/2023/48xxx/CVE-2023-48383.json @@ -87,10 +87,10 @@ { "base64": false, "type": "text/html", - "value": "Update to v2.9.0.231006 or latest version" + "value": "Update to v2.9.0.231006 or latest version." } ], - "value": "Update to v2.9.0.231006 or latest version" + "value": "Update to v2.9.0.231006 or latest version." } ], "impact": { diff --git a/2023/52xxx/CVE-2023-52341.json b/2023/52xxx/CVE-2023-52341.json index 68b22dfeb0c..43b1661deb0 100644 --- a/2023/52xxx/CVE-2023-52341.json +++ b/2023/52xxx/CVE-2023-52341.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52341", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android11/Android12/Android13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52342.json b/2023/52xxx/CVE-2023-52342.json index 1b02984bd53..48354e52b85 100644 --- a/2023/52xxx/CVE-2023-52342.json +++ b/2023/52xxx/CVE-2023-52342.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52342", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52343.json b/2023/52xxx/CVE-2023-52343.json index 4bd14b6f701..2ae0d40dc76 100644 --- a/2023/52xxx/CVE-2023-52343.json +++ b/2023/52xxx/CVE-2023-52343.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52343", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52344.json b/2023/52xxx/CVE-2023-52344.json index 11639cec600..a0ac8d47ee5 100644 --- a/2023/52xxx/CVE-2023-52344.json +++ b/2023/52xxx/CVE-2023-52344.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52344", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52345.json b/2023/52xxx/CVE-2023-52345.json index adafcfbfbe1..3324107a2c7 100644 --- a/2023/52xxx/CVE-2023-52345.json +++ b/2023/52xxx/CVE-2023-52345.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52346.json b/2023/52xxx/CVE-2023-52346.json index 3ee0845537b..3512245e2a0 100644 --- a/2023/52xxx/CVE-2023-52346.json +++ b/2023/52xxx/CVE-2023-52346.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52346", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52347.json b/2023/52xxx/CVE-2023-52347.json index 5eb76209e81..edf470d81f7 100644 --- a/2023/52xxx/CVE-2023-52347.json +++ b/2023/52xxx/CVE-2023-52347.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52348.json b/2023/52xxx/CVE-2023-52348.json index 3ad476098dc..bae6930a5b7 100644 --- a/2023/52xxx/CVE-2023-52348.json +++ b/2023/52xxx/CVE-2023-52348.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52348", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52349.json b/2023/52xxx/CVE-2023-52349.json index e8d0f0c2236..61c720da459 100644 --- a/2023/52xxx/CVE-2023-52349.json +++ b/2023/52xxx/CVE-2023-52349.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52349", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52350.json b/2023/52xxx/CVE-2023-52350.json index 9f65b09c133..ab327da6b63 100644 --- a/2023/52xxx/CVE-2023-52350.json +++ b/2023/52xxx/CVE-2023-52350.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52350", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52351.json b/2023/52xxx/CVE-2023-52351.json index cc715fa1ec8..4cee3dc016a 100644 --- a/2023/52xxx/CVE-2023-52351.json +++ b/2023/52xxx/CVE-2023-52351.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52351", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52352.json b/2023/52xxx/CVE-2023-52352.json index 64c3285a0a2..864b551c42b 100644 --- a/2023/52xxx/CVE-2023-52352.json +++ b/2023/52xxx/CVE-2023-52352.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2023/52xxx/CVE-2023-52359.json b/2023/52xxx/CVE-2023-52359.json index dcff86ab3b9..83ec1313393 100644 --- a/2023/52xxx/CVE-2023-52359.json +++ b/2023/52xxx/CVE-2023-52359.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52364.json b/2023/52xxx/CVE-2023-52364.json index 57d764e7df7..d35c3bd07f8 100644 --- a/2023/52xxx/CVE-2023-52364.json +++ b/2023/52xxx/CVE-2023-52364.json @@ -1,18 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52364", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of input parameters being not strictly verified in the RSMC module.\nImpact: Successful exploitation of this vulnerability may cause out-of-bounds write." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52385.json b/2023/52xxx/CVE-2023-52385.json index fbea7a9b003..ac79c0b1ec8 100644 --- a/2023/52xxx/CVE-2023-52385.json +++ b/2023/52xxx/CVE-2023-52385.json @@ -1,18 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52385", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds write vulnerability in the RSMC module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52386.json b/2023/52xxx/CVE-2023-52386.json index 6132d6313b6..fff648ff35e 100644 --- a/2023/52xxx/CVE-2023-52386.json +++ b/2023/52xxx/CVE-2023-52386.json @@ -1,18 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52386", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds write vulnerability in the RSMC module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Handling of Length Parameter Inconsistency" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52388.json b/2023/52xxx/CVE-2023-52388.json index cfbdabd77ac..6a6e35e8f64 100644 --- a/2023/52xxx/CVE-2023-52388.json +++ b/2023/52xxx/CVE-2023-52388.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Permission control vulnerability in the clock module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52533.json b/2023/52xxx/CVE-2023-52533.json index d17f8a1378a..aeb927c499b 100644 --- a/2023/52xxx/CVE-2023-52533.json +++ b/2023/52xxx/CVE-2023-52533.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602" } ] } diff --git a/2023/52xxx/CVE-2023-52534.json b/2023/52xxx/CVE-2023-52534.json index 32757cb660e..c60b4194bf3 100644 --- a/2023/52xxx/CVE-2023-52534.json +++ b/2023/52xxx/CVE-2023-52534.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52534", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602" } ] } diff --git a/2023/52xxx/CVE-2023-52535.json b/2023/52xxx/CVE-2023-52535.json index e330ef57813..3e68f2ddc46 100644 --- a/2023/52xxx/CVE-2023-52535.json +++ b/2023/52xxx/CVE-2023-52535.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52535", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T610/T618", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602" } ] } diff --git a/2023/52xxx/CVE-2023-52536.json b/2023/52xxx/CVE-2023-52536.json index 76970a670d4..6f6ae9d3a43 100644 --- a/2023/52xxx/CVE-2023-52536.json +++ b/2023/52xxx/CVE-2023-52536.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52536", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602" } ] } diff --git a/2023/52xxx/CVE-2023-52537.json b/2023/52xxx/CVE-2023-52537.json index 7afd4eb0c83..358a67f87d3 100644 --- a/2023/52xxx/CVE-2023-52537.json +++ b/2023/52xxx/CVE-2023-52537.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52537", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of package name verification being bypassed in the HwIms module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52538.json b/2023/52xxx/CVE-2023-52538.json index d2a2cf0b3e5..19cd3713eeb 100644 --- a/2023/52xxx/CVE-2023-52538.json +++ b/2023/52xxx/CVE-2023-52538.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52538", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of package name verification being bypassed in the HwIms module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52539.json b/2023/52xxx/CVE-2023-52539.json index c7c3831e917..18451f190da 100644 --- a/2023/52xxx/CVE-2023-52539.json +++ b/2023/52xxx/CVE-2023-52539.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52539", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Permission verification vulnerability in the Settings module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Configuration" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52540.json b/2023/52xxx/CVE-2023-52540.json index cf40987832d..e85479dbf28 100644 --- a/2023/52xxx/CVE-2023-52540.json +++ b/2023/52xxx/CVE-2023-52540.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52540", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of improper authentication in the Iaware module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52541.json b/2023/52xxx/CVE-2023-52541.json index 2bfe534c0aa..199f1551eed 100644 --- a/2023/52xxx/CVE-2023-52541.json +++ b/2023/52xxx/CVE-2023-52541.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52541", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Authentication vulnerability in the API for app pre-loading.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52542.json b/2023/52xxx/CVE-2023-52542.json index c46e7505d14..6547ec14799 100644 --- a/2023/52xxx/CVE-2023-52542.json +++ b/2023/52xxx/CVE-2023-52542.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52542", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Permission verification vulnerability in the system module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52543.json b/2023/52xxx/CVE-2023-52543.json index 6a83c3615b1..396e88613a8 100644 --- a/2023/52xxx/CVE-2023-52543.json +++ b/2023/52xxx/CVE-2023-52543.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52543", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Permission verification vulnerability in the system module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-269 Improper Privilege Management", + "cweId": "CWE-269" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52544.json b/2023/52xxx/CVE-2023-52544.json index 77a702e0167..3d7388638f5 100644 --- a/2023/52xxx/CVE-2023-52544.json +++ b/2023/52xxx/CVE-2023-52544.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52544", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of file path verification being bypassed in the email module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52545.json b/2023/52xxx/CVE-2023-52545.json index dfb3684ab9b..ba221ef5ba1 100644 --- a/2023/52xxx/CVE-2023-52545.json +++ b/2023/52xxx/CVE-2023-52545.json @@ -1,18 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52545", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of undefined permissions in the Calendar app.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52546.json b/2023/52xxx/CVE-2023-52546.json index e5fa3c8f824..358e9afdce4 100644 --- a/2023/52xxx/CVE-2023-52546.json +++ b/2023/52xxx/CVE-2023-52546.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52546", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of package name verification being bypassed in the Calendar app.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52549.json b/2023/52xxx/CVE-2023-52549.json index 6980af02ab9..9fa6092b9b0 100644 --- a/2023/52xxx/CVE-2023-52549.json +++ b/2023/52xxx/CVE-2023-52549.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52549", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of data verification errors in the kernel module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52550.json b/2023/52xxx/CVE-2023-52550.json index 956f82e5a85..f9853bd173c 100644 --- a/2023/52xxx/CVE-2023-52550.json +++ b/2023/52xxx/CVE-2023-52550.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52550", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of data verification errors in the kernel module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52551.json b/2023/52xxx/CVE-2023-52551.json index 4cc78b7414c..573b7bee27a 100644 --- a/2023/52xxx/CVE-2023-52551.json +++ b/2023/52xxx/CVE-2023-52551.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52551", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerability of data verification errors in the kernel module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", + "cweId": "CWE-120" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52552.json b/2023/52xxx/CVE-2023-52552.json index 8723840fd09..eb0db9c1877 100644 --- a/2023/52xxx/CVE-2023-52552.json +++ b/2023/52xxx/CVE-2023-52552.json @@ -1,18 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52552", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Input verification vulnerability in the power module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52553.json b/2023/52xxx/CVE-2023-52553.json index 55c038e11f0..5fa6e6f9986 100644 --- a/2023/52xxx/CVE-2023-52553.json +++ b/2023/52xxx/CVE-2023-52553.json @@ -1,18 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52553", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Race condition vulnerability in the Wi-Fi module.\nImpact: Successful exploitation of this vulnerability will affect availability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", + "cweId": "CWE-362" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2023/52xxx/CVE-2023-52554.json b/2023/52xxx/CVE-2023-52554.json index 9ca2652f947..ffd5a65b421 100644 --- a/2023/52xxx/CVE-2023-52554.json +++ b/2023/52xxx/CVE-2023-52554.json @@ -1,18 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52554", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Permission control vulnerability in the Bluetooth module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HarmonyOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.0.0" + }, + { + "version_affected": "=", + "version_value": "3.1.0" + }, + { + "version_affected": "=", + "version_value": "3.0.0" + }, + { + "version_affected": "=", + "version_value": "2.1.0" + }, + { + "version_affected": "=", + "version_value": "2.0.0" + } + ] + } + }, + { + "product_name": "EMUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13.0.0" + }, + { + "version_affected": "=", + "version_value": "12.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "refsource": "MISC", + "name": "https://consumer.huawei.com/en/support/bulletin/2024/3/" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "refsource": "MISC", + "name": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/1xxx/CVE-2024-1292.json b/2024/1xxx/CVE-2024-1292.json index 3b028b6e10d..d6a40af9717 100644 --- a/2024/1xxx/CVE-2024-1292.json +++ b/2024/1xxx/CVE-2024-1292.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + "value": "The wpb-show-core WordPress plugin before 2.6 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ] }, @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "0", - "version_value": "2.7" + "version_value": "2.6" } ] } diff --git a/2024/1xxx/CVE-2024-1956.json b/2024/1xxx/CVE-2024-1956.json index a42d1933251..65dcb4b8cab 100644 --- a/2024/1xxx/CVE-2024-1956.json +++ b/2024/1xxx/CVE-2024-1956.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1956", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "wpb-show-core", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/d7034ac2-0098-48d2-9ba9-87e09b178f7d/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/d7034ac2-0098-48d2-9ba9-87e09b178f7d/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Bob Matyas" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/1xxx/CVE-2024-1958.json b/2024/1xxx/CVE-2024-1958.json index c4cf6ca262b..f34c6beefe6 100644 --- a/2024/1xxx/CVE-2024-1958.json +++ b/2024/1xxx/CVE-2024-1958.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users" + "value": "The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users" } ] }, diff --git a/2024/22xxx/CVE-2024-22949.json b/2024/22xxx/CVE-2024-22949.json index 315fc374973..52e65560650 100644 --- a/2024/22xxx/CVE-2024-22949.json +++ b/2024/22xxx/CVE-2024-22949.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-22949", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-22949", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://jfreechart.com", + "refsource": "MISC", + "name": "http://jfreechart.com" + }, + { + "url": "https://github.com/jfree/jfreechart", + "refsource": "MISC", + "name": "https://github.com/jfree/jfreechart" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/LLM4IG/35c46e009b205ef6acd0e290e80fb876", + "url": "https://gist.github.com/LLM4IG/35c46e009b205ef6acd0e290e80fb876" } ] } diff --git a/2024/23xxx/CVE-2024-23079.json b/2024/23xxx/CVE-2024-23079.json index 2d073219d02..78f95699c29 100644 --- a/2024/23xxx/CVE-2024-23079.json +++ b/2024/23xxx/CVE-2024-23079.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-23079", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-23079", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://jgrapht.com", + "refsource": "MISC", + "name": "http://jgrapht.com" + }, + { + "url": "https://github.com/jgrapht/jgrapht", + "refsource": "MISC", + "name": "https://github.com/jgrapht/jgrapht" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/LLM4IG/c19779800945cd0a400d2150fb83d079", + "url": "https://gist.github.com/LLM4IG/c19779800945cd0a400d2150fb83d079" } ] } diff --git a/2024/23xxx/CVE-2024-23189.json b/2024/23xxx/CVE-2024-23189.json index c250a49fc20..7d42f344921 100644 --- a/2024/23xxx/CVE-2024-23189.json +++ b/2024/23xxx/CVE-2024-23189.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23189", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@open-xchange.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Embedded content references at tasks could be used to temporarily execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to the users account, access to another account within the same context or an successful social engineering attack to make users import external content. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. Sanitization of user-generated content has been improved. No publicly available exploits are known." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open-Xchange GmbH", + "product": { + "product_data": [ + { + "product_name": "OX App Suite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "7.10.6-rev40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json", + "refsource": "MISC", + "name": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json" + } + ] + }, + "source": { + "defect": "OXUIB-2689", + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/23xxx/CVE-2024-23190.json b/2024/23xxx/CVE-2024-23190.json index 73900cf45c2..a65c6029806 100644 --- a/2024/23xxx/CVE-2024-23190.json +++ b/2024/23xxx/CVE-2024-23190.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23190", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@open-xchange.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Upsell shop information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured accounts. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. Sanitization of user-defined upsell content has been improved. No publicly available exploits are known." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open-Xchange GmbH", + "product": { + "product_data": [ + { + "product_name": "OX App Suite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "7.10.6-rev40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json", + "refsource": "MISC", + "name": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json" + } + ] + }, + "source": { + "defect": "OXUIB-2688", + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/23xxx/CVE-2024-23191.json b/2024/23xxx/CVE-2024-23191.json index 7ec09b62597..760afa28ffe 100644 --- a/2024/23xxx/CVE-2024-23191.json +++ b/2024/23xxx/CVE-2024-23191.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23191", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@open-xchange.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Upsell advertisement information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured accounts. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. Sanitization of user-defined upsell content has been improved. No publicly available exploits are known." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open-Xchange GmbH", + "product": { + "product_data": [ + { + "product_name": "OX App Suite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "7.10.6-rev40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json", + "refsource": "MISC", + "name": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json" + } + ] + }, + "source": { + "defect": "OXUIB-2663", + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/23xxx/CVE-2024-23192.json b/2024/23xxx/CVE-2024-23192.json index 908b56ae9cf..eb8400e9614 100644 --- a/2024/23xxx/CVE-2024-23192.json +++ b/2024/23xxx/CVE-2024-23192.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23192", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@open-xchange.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "RSS feeds that contain malicious data- attributes could be abused to inject script code to a users browser session when reading compromised RSS feeds or successfully luring users to compromised accounts. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. Potentially malicious attributes now get removed from external RSS content. No publicly available exploits are known." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open-Xchange GmbH", + "product": { + "product_data": [ + { + "product_name": "OX App Suite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "7.10.6-rev40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json", + "refsource": "MISC", + "name": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json" + } + ] + }, + "source": { + "defect": "OXUIB-2660", + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/23xxx/CVE-2024-23584.json b/2024/23xxx/CVE-2024-23584.json index f2386e48589..8d55ddbe64d 100644 --- a/2024/23xxx/CVE-2024-23584.json +++ b/2024/23xxx/CVE-2024-23584.json @@ -1,17 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23584", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@hcl.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The NMAP Importer service\u200b may expose data store credentials to authorized users of the Windows Registry.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HCL Software", + "product": { + "product_data": [ + { + "product_name": "BigFix Enterprise Suite Asset Discovery", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<=109" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112264", + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112264" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/23xxx/CVE-2024-23658.json b/2024/23xxx/CVE-2024-23658.json index 940d57a438b..e4e30f61b36 100644 --- a/2024/23xxx/CVE-2024-23658.json +++ b/2024/23xxx/CVE-2024-23658.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23658", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@unisoc.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.", + "product": { + "product_data": [ + { + "product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android12/Android13/Android14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313", + "refsource": "MISC", + "name": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313" } ] } diff --git a/2024/27xxx/CVE-2024-27488.json b/2024/27xxx/CVE-2024-27488.json index d8b07a870f2..17f20eba2c9 100644 --- a/2024/27xxx/CVE-2024-27488.json +++ b/2024/27xxx/CVE-2024-27488.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27488", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27488", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote attackers to escalate privileges and obtain sensitive information. The application system enables the http API interface by default and uses the secret parameter method to authenticate the http restful api interface, but the secret is hardcoded by default." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/tr4pmaker/44442d6f068458175213f4ba71da1312", + "url": "https://gist.github.com/tr4pmaker/44442d6f068458175213f4ba71da1312" } ] } diff --git a/2024/30xxx/CVE-2024-30659.json b/2024/30xxx/CVE-2024-30659.json index c74f647817e..21c1595a815 100644 --- a/2024/30xxx/CVE-2024-30659.json +++ b/2024/30xxx/CVE-2024-30659.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30659", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30659", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Shell Injection vulnerability in ROS (Robot Operating System) Melodic Morenia versions ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, escalate privileges, and obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30659", + "url": "https://github.com/yashpatelphd/CVE-2024-30659" } ] } diff --git a/2024/30xxx/CVE-2024-30661.json b/2024/30xxx/CVE-2024-30661.json index 9ba5d76cbba..a1905bbf896 100644 --- a/2024/30xxx/CVE-2024-30661.json +++ b/2024/30xxx/CVE-2024-30661.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30661", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30661", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An unauthorized access vulnerability has been discovered in ROS Melodic Morenia versions where ROS_VERSION is 1 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized information access to multiple ROS nodes remotely. Unauthorized information access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30661", + "url": "https://github.com/yashpatelphd/CVE-2024-30661" } ] } diff --git a/2024/30xxx/CVE-2024-30662.json b/2024/30xxx/CVE-2024-30662.json index bb16ddf3aee..a7d9585d547 100644 --- a/2024/30xxx/CVE-2024-30662.json +++ b/2024/30xxx/CVE-2024-30662.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30662", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30662", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, where the system transmits messages in plaintext. This flaw exposes sensitive information, making it vulnerable to man-in-the-middle (MitM) attacks, and allowing attackers to easily intercept and access this data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30662", + "url": "https://github.com/yashpatelphd/CVE-2024-30662" } ] } diff --git a/2024/30xxx/CVE-2024-30663.json b/2024/30xxx/CVE-2024-30663.json index a7194383e16..f2f3c998ecf 100644 --- a/2024/30xxx/CVE-2024-30663.json +++ b/2024/30xxx/CVE-2024-30663.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30663", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30663", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the default configurations of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability allows unauthenticated attackers to gain access using default credentials, posing a serious threat to the integrity and security of the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30663", + "url": "https://github.com/yashpatelphd/CVE-2024-30663" } ] } diff --git a/2024/30xxx/CVE-2024-30665.json b/2024/30xxx/CVE-2024-30665.json index b2c506e75ac..0c6d3d482b1 100644 --- a/2024/30xxx/CVE-2024-30665.json +++ b/2024/30xxx/CVE-2024-30665.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30665", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30665", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An OS command injection vulnerability has been discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability primarily affects the command processing or system call components in ROS, making them susceptible to manipulation by malicious entities. Through this, unauthorized commands can be executed, leading to remote code execution (RCE), data theft, and malicious activities. The affected components include External Command Execution Modules, System Call Handlers, and Interface Scripts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30665", + "url": "https://github.com/yashpatelphd/CVE-2024-30665" } ] } diff --git a/2024/30xxx/CVE-2024-30666.json b/2024/30xxx/CVE-2024-30666.json index 068ee55a9a2..84667a702fa 100644 --- a/2024/30xxx/CVE-2024-30666.json +++ b/2024/30xxx/CVE-2024-30666.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30666", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30666", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow vulnerability has been discovered in the C++ components of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code via improper handling of arrays or strings within these components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30666", + "url": "https://github.com/yashpatelphd/CVE-2024-30666" } ] } diff --git a/2024/30xxx/CVE-2024-30667.json b/2024/30xxx/CVE-2024-30667.json index 6ac4e1159f5..2cc10bcc4df 100644 --- a/2024/30xxx/CVE-2024-30667.json +++ b/2024/30xxx/CVE-2024-30667.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30667", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30667", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insecure deserialization vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code or obtain sensitive information via crafted input to the data handling components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30667", + "url": "https://github.com/yashpatelphd/CVE-2024-30667" } ] } diff --git a/2024/30xxx/CVE-2024-30672.json b/2024/30xxx/CVE-2024-30672.json index 4e9e62a1fa9..560fd745a42 100644 --- a/2024/30xxx/CVE-2024-30672.json +++ b/2024/30xxx/CVE-2024-30672.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30672", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30672", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Arbitrary file upload vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via the file upload component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30672", + "url": "https://github.com/yashpatelphd/CVE-2024-30672" } ] } diff --git a/2024/30xxx/CVE-2024-30674.json b/2024/30xxx/CVE-2024-30674.json index 82eceb41ca7..b5b307881ed 100644 --- a/2024/30xxx/CVE-2024-30674.json +++ b/2024/30xxx/CVE-2024-30674.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30674", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30674", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unauthorized access vulnerability in ROS2 Iron Irwini in ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3, allows remote attackers to gain control of multiple ROS2 nodes. Unauthorized information access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30674", + "url": "https://github.com/yashpatelphd/CVE-2024-30674" } ] } diff --git a/2024/30xxx/CVE-2024-30675.json b/2024/30xxx/CVE-2024-30675.json index 958124136e7..abaf47dc85d 100644 --- a/2024/30xxx/CVE-2024-30675.json +++ b/2024/30xxx/CVE-2024-30675.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30675", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30675", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_VERSION 2 and ROS_PYTHON_VERSION 3. This vulnerability could allow a malicious user to escalate privileges by injecting malicious ROS2 nodes into the system remotely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-30675", + "url": "https://github.com/yashpatelphd/CVE-2024-30675" } ] } diff --git a/2024/31xxx/CVE-2024-31022.json b/2024/31xxx/CVE-2024-31022.json index 8f1d247c2cf..20225944aec 100644 --- a/2024/31xxx/CVE-2024-31022.json +++ b/2024/31xxx/CVE-2024-31022.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31022", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31022", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.xuxblog.top/2024/03/25/CandyCMS-Pre-Auth-RCE/", + "refsource": "MISC", + "name": "https://www.xuxblog.top/2024/03/25/CandyCMS-Pre-Auth-RCE/" } ] } diff --git a/2024/31xxx/CVE-2024-31047.json b/2024/31xxx/CVE-2024-31047.json index e24857625af..24fb6d52404 100644 --- a/2024/31xxx/CVE-2024-31047.json +++ b/2024/31xxx/CVE-2024-31047.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31047", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31047", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the convert function of exrmultipart.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/AcademySoftwareFoundation/openexr/issues/1680", + "refsource": "MISC", + "name": "https://github.com/AcademySoftwareFoundation/openexr/issues/1680" } ] } diff --git a/2024/31xxx/CVE-2024-31357.json b/2024/31xxx/CVE-2024-31357.json index b017c2de595..d48521bb643 100644 --- a/2024/31xxx/CVE-2024-31357.json +++ b/2024/31xxx/CVE-2024-31357.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.5.2.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "BdThemes", + "product": { + "product_data": [ + { + "product_name": "Ultimate Store Kit Elementor Addons", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.6.0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.5.2", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/ultimate-store-kit/wordpress-ultimate-store-kit-elementor-addons-plugin-1-5-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/ultimate-store-kit/wordpress-ultimate-store-kit-elementor-addons-plugin-1-5-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 1.6.0 or a higher version." + } + ], + "value": "Update to 1.6.0 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Ray Wilson (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31375.json b/2024/31xxx/CVE-2024-31375.json index 597fc5b6eb2..263ac1e84bd 100644 --- a/2024/31xxx/CVE-2024-31375.json +++ b/2024/31xxx/CVE-2024-31375.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing Authorization vulnerability in Saleswonder.Biz Team WP2LEADS.This issue affects WP2LEADS: from n/a through 3.2.7.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Saleswonder.biz Team", + "product": { + "product_data": [ + { + "product_name": "WP2LEADS", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "3.2.8", + "status": "unaffected" + } + ], + "lessThanOrEqual": "3.2.7", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/wp2leads/wordpress-wp2leads-plugin-3-2-7-broken-access-control-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/wp2leads/wordpress-wp2leads-plugin-3-2-7-broken-access-control-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 3.2.8 or a higher version." + } + ], + "value": "Update to 3.2.8 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Dhabaleshwar Das (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "version": "3.1" } ] } diff --git a/2024/31xxx/CVE-2024-31960.json b/2024/31xxx/CVE-2024-31960.json new file mode 100644 index 00000000000..1f26fffd56b --- /dev/null +++ b/2024/31xxx/CVE-2024-31960.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31960", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31961.json b/2024/31xxx/CVE-2024-31961.json new file mode 100644 index 00000000000..6fcf2c168fc --- /dev/null +++ b/2024/31xxx/CVE-2024-31961.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31961", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31962.json b/2024/31xxx/CVE-2024-31962.json new file mode 100644 index 00000000000..0b4e2b3f3d5 --- /dev/null +++ b/2024/31xxx/CVE-2024-31962.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31962", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31963.json b/2024/31xxx/CVE-2024-31963.json new file mode 100644 index 00000000000..79789e520bf --- /dev/null +++ b/2024/31xxx/CVE-2024-31963.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31963", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31964.json b/2024/31xxx/CVE-2024-31964.json new file mode 100644 index 00000000000..88d26214c6d --- /dev/null +++ b/2024/31xxx/CVE-2024-31964.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31964", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31965.json b/2024/31xxx/CVE-2024-31965.json new file mode 100644 index 00000000000..93ce0e6cbaf --- /dev/null +++ b/2024/31xxx/CVE-2024-31965.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31965", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31966.json b/2024/31xxx/CVE-2024-31966.json new file mode 100644 index 00000000000..68a366f241b --- /dev/null +++ b/2024/31xxx/CVE-2024-31966.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31966", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31967.json b/2024/31xxx/CVE-2024-31967.json new file mode 100644 index 00000000000..9017564a5b7 --- /dev/null +++ b/2024/31xxx/CVE-2024-31967.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31967", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31968.json b/2024/31xxx/CVE-2024-31968.json new file mode 100644 index 00000000000..7a0c8eb5524 --- /dev/null +++ b/2024/31xxx/CVE-2024-31968.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31968", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31969.json b/2024/31xxx/CVE-2024-31969.json new file mode 100644 index 00000000000..34bc63a4d37 --- /dev/null +++ b/2024/31xxx/CVE-2024-31969.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31969", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31970.json b/2024/31xxx/CVE-2024-31970.json new file mode 100644 index 00000000000..82a1c0b1685 --- /dev/null +++ b/2024/31xxx/CVE-2024-31970.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31970", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31971.json b/2024/31xxx/CVE-2024-31971.json new file mode 100644 index 00000000000..fa8f8fef2f5 --- /dev/null +++ b/2024/31xxx/CVE-2024-31971.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31971", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31972.json b/2024/31xxx/CVE-2024-31972.json new file mode 100644 index 00000000000..d1e420b0fd4 --- /dev/null +++ b/2024/31xxx/CVE-2024-31972.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31972", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31973.json b/2024/31xxx/CVE-2024-31973.json new file mode 100644 index 00000000000..e1e24015f40 --- /dev/null +++ b/2024/31xxx/CVE-2024-31973.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31973", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31974.json b/2024/31xxx/CVE-2024-31974.json new file mode 100644 index 00000000000..1bf2d51dc97 --- /dev/null +++ b/2024/31xxx/CVE-2024-31974.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31974", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31975.json b/2024/31xxx/CVE-2024-31975.json new file mode 100644 index 00000000000..3b109e0713d --- /dev/null +++ b/2024/31xxx/CVE-2024-31975.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31975", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31976.json b/2024/31xxx/CVE-2024-31976.json new file mode 100644 index 00000000000..6b13aa46846 --- /dev/null +++ b/2024/31xxx/CVE-2024-31976.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31976", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/31xxx/CVE-2024-31977.json b/2024/31xxx/CVE-2024-31977.json new file mode 100644 index 00000000000..a007b17433d --- /dev/null +++ b/2024/31xxx/CVE-2024-31977.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31977", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3438.json b/2024/3xxx/CVE-2024-3438.json new file mode 100644 index 00000000000..f9f23ee26fc --- /dev/null +++ b/2024/3xxx/CVE-2024-3438.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3439.json b/2024/3xxx/CVE-2024-3439.json new file mode 100644 index 00000000000..456838d384c --- /dev/null +++ b/2024/3xxx/CVE-2024-3439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3440.json b/2024/3xxx/CVE-2024-3440.json new file mode 100644 index 00000000000..c95c253ddc1 --- /dev/null +++ b/2024/3xxx/CVE-2024-3440.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3441.json b/2024/3xxx/CVE-2024-3441.json new file mode 100644 index 00000000000..0928373dab8 --- /dev/null +++ b/2024/3xxx/CVE-2024-3441.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3441", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3442.json b/2024/3xxx/CVE-2024-3442.json new file mode 100644 index 00000000000..a99df4f63ee --- /dev/null +++ b/2024/3xxx/CVE-2024-3442.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3442", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3443.json b/2024/3xxx/CVE-2024-3443.json new file mode 100644 index 00000000000..36cbe01adb0 --- /dev/null +++ b/2024/3xxx/CVE-2024-3443.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3443", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3444.json b/2024/3xxx/CVE-2024-3444.json new file mode 100644 index 00000000000..f7352ea3d36 --- /dev/null +++ b/2024/3xxx/CVE-2024-3444.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3444", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3445.json b/2024/3xxx/CVE-2024-3445.json new file mode 100644 index 00000000000..53c4d5ca6d7 --- /dev/null +++ b/2024/3xxx/CVE-2024-3445.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3445", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3446.json b/2024/3xxx/CVE-2024-3446.json new file mode 100644 index 00000000000..7ea3af9452a --- /dev/null +++ b/2024/3xxx/CVE-2024-3446.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3446", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3447.json b/2024/3xxx/CVE-2024-3447.json new file mode 100644 index 00000000000..400bdd3f94e --- /dev/null +++ b/2024/3xxx/CVE-2024-3447.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3447", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3448.json b/2024/3xxx/CVE-2024-3448.json new file mode 100644 index 00000000000..2857aa4a0e6 --- /dev/null +++ b/2024/3xxx/CVE-2024-3448.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3448", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3495.json b/2024/3xxx/CVE-2024-3495.json new file mode 100644 index 00000000000..f81a5840bc7 --- /dev/null +++ b/2024/3xxx/CVE-2024-3495.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3495", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file