diff --git a/2024/29xxx/CVE-2024-29441.json b/2024/29xxx/CVE-2024-29441.json index 8eff10f175c..66c229f5817 100644 --- a/2024/29xxx/CVE-2024-29441.json +++ b/2024/29xxx/CVE-2024-29441.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29441", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29441", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows remote attackers to cause a denial of service (DoS) via the ROS2 nodes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-29441", + "url": "https://github.com/yashpatelphd/CVE-2024-29441" } ] } diff --git a/2024/29xxx/CVE-2024-29444.json b/2024/29xxx/CVE-2024-29444.json index 76681dece1d..5a2fdeb06ca 100644 --- a/2024/29xxx/CVE-2024-29444.json +++ b/2024/29xxx/CVE-2024-29444.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29444", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29444", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An OS command injection vulnerability has been discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via External Command Execution Modules, System Call Handlers, and Interface Scripts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-29444", + "url": "https://github.com/yashpatelphd/CVE-2024-29444" } ] } diff --git a/2024/29xxx/CVE-2024-29445.json b/2024/29xxx/CVE-2024-29445.json index 59d627e0755..8d659fc3f5e 100644 --- a/2024/29xxx/CVE-2024-29445.json +++ b/2024/29xxx/CVE-2024-29445.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29445", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29445", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3 where the system transmits messages in plaintext, allowing attackers to access sensitive information via a man-in-the-middle attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-29445", + "url": "https://github.com/yashpatelphd/CVE-2024-29445" } ] } diff --git a/2024/29xxx/CVE-2024-29447.json b/2024/29xxx/CVE-2024-29447.json index 419e5bd99c1..87eafd0697d 100644 --- a/2024/29xxx/CVE-2024-29447.json +++ b/2024/29xxx/CVE-2024-29447.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29447", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29447", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the default configurations of ROS2 Humble Hawksbill in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows unauthenticated attackers to gain access using default credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/yashpatelphd/CVE-2024-29447", + "url": "https://github.com/yashpatelphd/CVE-2024-29447" } ] } diff --git a/2024/3xxx/CVE-2024-3612.json b/2024/3xxx/CVE-2024-3612.json index 14b6402fa3f..5956bb240ab 100644 --- a/2024/3xxx/CVE-2024-3612.json +++ b/2024/3xxx/CVE-2024-3612.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3612", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file barang.php. The manipulation of the argument nama_barang/merek leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260269 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In SourceCodester Warehouse Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei barang.php. Durch das Beeinflussen des Arguments nama_barang/merek mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Warehouse Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.260269", + "refsource": "MISC", + "name": "https://vuldb.com/?id.260269" + }, + { + "url": "https://vuldb.com/?ctiid.260269", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.260269" + }, + { + "url": "https://vuldb.com/?submit.312700", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.312700" + }, + { + "url": "https://github.com/fubxx/CVE/blob/main/WarehouseManagementSystemXSS.md", + "refsource": "MISC", + "name": "https://github.com/fubxx/CVE/blob/main/WarehouseManagementSystemXSS.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "LI YU (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/3xxx/CVE-2024-3613.json b/2024/3xxx/CVE-2024-3613.json index 6d73068ebae..8ae13fb6d03 100644 --- a/2024/3xxx/CVE-2024-3613.json +++ b/2024/3xxx/CVE-2024-3613.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3613", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipulation of the argument nama_supplier/alamat_supplier/notelp_supplier leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-260270 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Eine problematische Schwachstelle wurde in SourceCodester Warehouse Management System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei supplier.php. Durch Beeinflussen des Arguments nama_supplier/alamat_supplier/notelp_supplier mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Warehouse Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.260270", + "refsource": "MISC", + "name": "https://vuldb.com/?id.260270" + }, + { + "url": "https://vuldb.com/?ctiid.260270", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.260270" + }, + { + "url": "https://vuldb.com/?submit.312701", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.312701" + }, + { + "url": "https://github.com/fubxx/CVE/blob/main/WarehouseManagementSystemXSS2.md", + "refsource": "MISC", + "name": "https://github.com/fubxx/CVE/blob/main/WarehouseManagementSystemXSS2.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "LI YU (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/3xxx/CVE-2024-3650.json b/2024/3xxx/CVE-2024-3650.json new file mode 100644 index 00000000000..719ade7c7af --- /dev/null +++ b/2024/3xxx/CVE-2024-3650.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3650", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3651.json b/2024/3xxx/CVE-2024-3651.json new file mode 100644 index 00000000000..522d3bf1c71 --- /dev/null +++ b/2024/3xxx/CVE-2024-3651.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3651", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file