185 changes (70 new | 115 updated):

- 70 new CVEs: CVE-2023-52168, CVE-2023-52169, CVE-2024-20890, CVE-2024-24974, CVE-2024-27459, CVE-2024-27715, CVE-2024-27716, CVE-2024-27717, CVE-2024-27903, CVE-2024-2040, CVE-2024-2233, CVE-2024-2234, CVE-2024-2235, CVE-2024-2926, CVE-2024-31897, CVE-2024-33862, CVE-2024-34361, CVE-2024-34591, CVE-2024-34602, CVE-2024-34603, CVE-2024-37208, CVE-2024-37234, CVE-2024-37260, CVE-2024-37389, CVE-2024-37528, CVE-2024-37539, CVE-2024-37541, CVE-2024-37542, CVE-2024-37546, CVE-2024-37547, CVE-2024-37553, CVE-2024-37554, CVE-2024-37999, CVE-2024-38330, CVE-2024-39182, CVE-2024-39321, CVE-2024-39473, CVE-2024-39481, CVE-2024-39486, CVE-2024-39689, CVE-2024-39723, CVE-2024-39742, CVE-2024-39743, CVE-2024-39864, CVE-2024-3651, CVE-2024-40594, CVE-2024-40596, CVE-2024-40597, CVE-2024-40598, CVE-2024-40599, CVE-2024-40600, CVE-2024-40601, CVE-2024-40602, CVE-2024-40603, CVE-2024-40604, CVE-2024-40605, CVE-2024-40614, CVE-2024-4341, CVE-2024-4708, CVE-2024-5419, CVE-2024-5504, CVE-2024-5616, CVE-2024-5711, CVE-2024-5753, CVE-2024-6095, CVE-2024-6163, CVE-2024-6229, CVE-2024-6263, CVE-2024-6387, CVE-2024-6539 - 115 updated CVEs: CVE-2019-8761, CVE-2021-47242, CVE-2022-0028, CVE-2022-22076, CVE-2022-29420, CVE-2022-2856, CVE-2022-33251, CVE-2022-33307, CVE-2022-34144, CVE-2022-47420, CVE-2023-21237, CVE-2023-21657, CVE-2023-21939, CVE-2023-25790, CVE-2023-26531, CVE-2023-26756, CVE-2023-27330, CVE-2023-27359, CVE-2023-28334, CVE-2023-28696, CVE-2023-29346, CVE-2023-29361, CVE-2023-29369, CVE-2023-2597, CVE-2023-30402, CVE-2023-32175, CVE-2023-33281, CVE-2023-33919, CVE-2023-35722, CVE-2023-37358, CVE-2023-38109, CVE-2023-39471, CVE-2023-39473, CVE-2023-39475, CVE-2023-39476, CVE-2023-42116, CVE-2023-42119, CVE-2023-44449, CVE-2023-45830, CVE-2023-47246, CVE-2023-47663, CVE-2023-49188, CVE-2023-51482, CVE-2023-5090, CVE-2024-0042, CVE-2024-0905, CVE-2024-0986, CVE-2024-1386, CVE-2024-1567, CVE-2024-1677, CVE-2024-1679, CVE-2024-1809, CVE-2024-1993, CVE-2024-1994, CVE-2024-20852, CVE-2024-23519, CVE-2024-25928, CVE-2024-26621, CVE-2024-29824, CVE-2024-2084, CVE-2024-2191, CVE-2024-2542, CVE-2024-2752, CVE-2024-2840, CVE-2024-2958, CVE-2024-2970, CVE-2024-31086, CVE-2024-31093, CVE-2024-31288, CVE-2024-31299, CVE-2024-32513, CVE-2024-32785, CVE-2024-33584, CVE-2024-33589, CVE-2024-34349, CVE-2024-34385, CVE-2024-34759, CVE-2024-34793, CVE-2024-34801, CVE-2024-34804, CVE-2024-35698, CVE-2024-35708, CVE-2024-35714, CVE-2024-35739, CVE-2024-35763, CVE-2024-35778, CVE-2024-35781, CVE-2024-36495, CVE-2024-38373, CVE-2024-39458, CVE-2024-3023, CVE-2024-3188, CVE-2024-3312, CVE-2024-3341, CVE-2024-3585, CVE-2024-3650, CVE-2024-3674, CVE-2024-3678, CVE-2024-3727, CVE-2024-3819, CVE-2024-3985, CVE-2024-4003, CVE-2024-4036, CVE-2024-4077, CVE-2024-4307, CVE-2024-4418, CVE-2024-4541, CVE-2024-5215, CVE-2024-5424, CVE-2024-5507, CVE-2024-5788, CVE-2024-5859, CVE-2024-6120, CVE-2024-6288, CVE-2024-6307
hkong-mitre · Jul 8, 2024 · 4c038a2 · 4c038a2
1 parent a9ff5a4
commit 4c038a2
Show file tree

Hide file tree

Showing 187 changed files with 11,186 additions and 511 deletions.
diff --git a/cves/2019/8xxx/CVE-2019-8761.json b/cves/2019/8xxx/CVE-2019-8761.json
@@ -1,147 +1,65 @@
 {
     "containers": {
         "cna": {
+            "providerMetadata": {
+                "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
+                "shortName": "apple",
+                "dateUpdated": "2024-07-08T12:08:20.890217"
+            },
+            "descriptions": [
+                {
+                    "lang": "en",
+                    "value": "This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information."
+                }
+            ],
             "affected": [
                 {
-                    "product": "macOS",
                     "vendor": "Apple",
+                    "product": "macOS",
                     "versions": [
                         {
+                            "version": "unspecified",
                             "lessThan": "10.15",
                             "status": "affected",
-                            "version": "unspecified",
                             "versionType": "custom"
                         }
                     ]
                 },
                 {
-                    "product": "macOS",
                     "vendor": "Apple",
+                    "product": "macOS",
                     "versions": [
                         {
+                            "version": "unspecified",
                             "lessThan": "10.15",
                             "status": "affected",
-                            "version": "unspecified",
                             "versionType": "custom"
                         }
                     ]
                 }
             ],
-            "descriptions": [
-                {
-                    "lang": "en",
-                    "value": "This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information."
-                }
-            ],
-            "problemTypes": [
-                {
-                    "descriptions": [
-                        {
-                            "description": "Parsing a maliciously crafted text file may lead to disclosure of user information",
-                            "lang": "en",
-                            "type": "text"
-                        }
-                    ]
-                }
-            ],
-            "providerMetadata": {
-                "dateUpdated": "2020-10-27T19:49:03",
-                "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
-                "shortName": "apple"
-            },
             "references": [
                 {
-                    "tags": [
-                        "x_refsource_MISC"
-                    ],
                     "url": "https://support.apple.com/en-us/HT210634"
                 },
                 {
-                    "tags": [
-                        "x_refsource_MISC"
-                    ],
                     "url": "https://support.apple.com/en-us/HT210722"
+                },
+                {
+                    "url": "https://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html"
                 }
             ],
-            "x_legacyV4Record": {
-                "CVE_data_meta": {
-                    "ASSIGNER": "[email protected]",
-                    "ID": "CVE-2019-8761",
-                    "STATE": "PUBLIC"
-                },
-                "affects": {
-                    "vendor": {
-                        "vendor_data": [
-                            {
-                                "product": {
-                                    "product_data": [
-                                        {
-                                            "product_name": "macOS",
-                                            "version": {
-                                                "version_data": [
-                                                    {
-                                                        "version_affected": "<",
-                                                        "version_value": "10.15"
-                                                    }
-                                                ]
-                                            }
-                                        },
-                                        {
-                                            "product_name": "macOS",
-                                            "version": {
-                                                "version_data": [
-                                                    {
-                                                        "version_affected": "<",
-                                                        "version_value": "10.15"
-                                                    }
-                                                ]
-                                            }
-                                        }
-                                    ]
-                                },
-                                "vendor_name": "Apple"
-                            }
-                        ]
-                    }
-                },
-                "data_format": "MITRE",
-                "data_type": "CVE",
-                "data_version": "4.0",
-                "description": {
-                    "description_data": [
-                        {
-                            "lang": "eng",
-                            "value": "This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information."
-                        }
-                    ]
-                },
-                "problemtype": {
-                    "problemtype_data": [
-                        {
-                            "description": [
-                                {
-                                    "lang": "eng",
-                                    "value": "Parsing a maliciously crafted text file may lead to disclosure of user information"
-                                }
-                            ]
-                        }
-                    ]
-                },
-                "references": {
-                    "reference_data": [
-                        {
-                            "name": "https://support.apple.com/en-us/HT210634",
-                            "refsource": "MISC",
-                            "url": "https://support.apple.com/en-us/HT210634"
-                        },
+            "problemTypes": [
+                {
+                    "descriptions": [
                         {
-                            "name": "https://support.apple.com/en-us/HT210722",
-                            "refsource": "MISC",
-                            "url": "https://support.apple.com/en-us/HT210722"
+                            "type": "text",
+                            "lang": "en",
+                            "description": "Parsing a maliciously crafted text file may lead to disclosure of user information"
                         }
                     ]
                 }
-            }
+            ]
         },
         "adp": [
             {
@@ -184,13 +102,13 @@
         ]
     },
     "cveMetadata": {
+        "state": "PUBLISHED",
+        "cveId": "CVE-2019-8761",
         "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
         "assignerShortName": "apple",
-        "cveId": "CVE-2019-8761",
-        "datePublished": "2020-10-27T19:49:03",
+        "dateUpdated": "2024-07-08T12:08:20.890217",
         "dateReserved": "2019-02-18T00:00:00",
-        "dateUpdated": "2024-07-02T18:39:35.493Z",
-        "state": "PUBLISHED"
+        "datePublished": "2020-10-27T19:49:03"
     },
     "dataType": "CVE_RECORD",
     "dataVersion": "5.1"

diff --git a/cves/2021/47xxx/CVE-2021-47242.json b/cves/2021/47xxx/CVE-2021-47242.json
@@ -8,7 +8,7 @@
         "assignerShortName": "Linux",
         "dateReserved": "2024-04-10T18:59:19.532Z",
         "datePublished": "2024-05-21T14:19:41.665Z",
-        "dateUpdated": "2024-07-04T00:07:57.519Z"
+        "dateUpdated": "2024-07-07T19:44:05.240Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2022/0xxx/CVE-2022-0028.json b/cves/2022/0xxx/CVE-2022-0028.json
@@ -681,7 +681,7 @@
         "cveId": "CVE-2022-0028",
         "datePublished": "2022-08-10T00:00:00",
         "dateReserved": "2021-12-28T00:00:00",
-        "dateUpdated": "2024-07-04T00:38:08.426Z",
+        "dateUpdated": "2024-07-06T13:45:09.148Z",
         "state": "PUBLISHED"
     },
     "dataType": "CVE_RECORD",

diff --git a/cves/2022/22xxx/CVE-2022-22076.json b/cves/2022/22xxx/CVE-2022-22076.json
@@ -8,7 +8,7 @@
         "assignerShortName": "qualcomm",
         "dateReserved": "2021-12-21T09:16:35.470Z",
         "datePublished": "2023-06-06T07:38:33.401Z",
-        "dateUpdated": "2024-07-04T02:38:47.345Z"
+        "dateUpdated": "2024-07-05T20:13:39.805Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2022/29xxx/CVE-2022-29420.json b/cves/2022/29xxx/CVE-2022-29420.json
@@ -254,7 +254,7 @@
         "cveId": "CVE-2022-29420",
         "datePublished": "2022-04-28T00:00:00",
         "dateReserved": "2022-04-18T00:00:00",
-        "dateUpdated": "2024-07-04T05:36:24.992Z",
+        "dateUpdated": "2024-07-06T02:51:20.485Z",
         "state": "PUBLISHED"
     },
     "dataType": "CVE_RECORD",

diff --git a/cves/2022/2xxx/CVE-2022-2856.json b/cves/2022/2xxx/CVE-2022-2856.json
@@ -258,7 +258,7 @@
         "cveId": "CVE-2022-2856",
         "datePublished": "2022-09-26T15:01:12",
         "dateReserved": "2022-08-16T00:00:00",
-        "dateUpdated": "2024-07-04T06:21:35.005Z",
+        "dateUpdated": "2024-07-06T13:57:27.836Z",
         "state": "PUBLISHED"
     },
     "dataType": "CVE_RECORD",

diff --git a/cves/2022/33xxx/CVE-2022-33251.json b/cves/2022/33xxx/CVE-2022-33251.json
@@ -8,7 +8,7 @@
         "assignerShortName": "qualcomm",
         "dateReserved": "2022-06-14T10:44:39.588Z",
         "datePublished": "2023-06-06T07:38:42.631Z",
-        "dateUpdated": "2024-07-04T07:41:57.660Z"
+        "dateUpdated": "2024-07-05T20:14:21.382Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2022/33xxx/CVE-2022-33307.json b/cves/2022/33xxx/CVE-2022-33307.json
@@ -8,7 +8,7 @@
         "assignerShortName": "qualcomm",
         "dateReserved": "2022-06-14T10:44:39.617Z",
         "datePublished": "2023-06-06T07:38:50.743Z",
-        "dateUpdated": "2024-07-04T07:41:57.694Z"
+        "dateUpdated": "2024-07-06T14:10:34.481Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2022/34xxx/CVE-2022-34144.json b/cves/2022/34xxx/CVE-2022-34144.json
@@ -8,7 +8,7 @@
         "assignerShortName": "qualcomm",
         "dateReserved": "2022-06-20T05:51:02.535Z",
         "datePublished": "2023-05-02T05:08:49.075Z",
-        "dateUpdated": "2024-07-04T07:52:49.223Z"
+        "dateUpdated": "2024-07-05T20:11:11.752Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2022/47xxx/CVE-2022-47420.json b/cves/2022/47xxx/CVE-2022-47420.json
@@ -8,7 +8,7 @@
         "assignerShortName": "Patchstack",
         "dateReserved": "2022-12-15T00:08:08.872Z",
         "datePublished": "2023-11-06T07:41:14.661Z",
-        "dateUpdated": "2024-07-04T13:04:43.209Z"
+        "dateUpdated": "2024-07-08T09:27:25.880Z"
     },
     "containers": {
         "cna": {
@@ -21,7 +21,13 @@
                     "vendor": "Online ADA",
                     "versions": [
                         {
-                            "lessThanOrEqual": "4.11",
+                            "changes": [
+                                {
+                                    "at": "4.13",
+                                    "status": "unaffected"
+                                }
+                            ],
+                            "lessThanOrEqual": "4.12",
                             "status": "affected",
                             "version": "n/a",
                             "versionType": "custom"
@@ -44,10 +50,10 @@
                         {
                             "base64": false,
                             "type": "text/html",
-                            "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.<p>This issue affects Accessibility Suite by Online ADA: from n/a through 4.11.</p>"
+                            "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.<p>This issue affects Accessibility Suite by Online ADA: from n/a through 4.12.</p>"
                         }
                     ],
-                    "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.11.\n\n"
+                    "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12."
                 }
             ],
             "impacts": [
@@ -76,7 +82,7 @@
             "providerMetadata": {
                 "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
                 "shortName": "Patchstack",
-                "dateUpdated": "2023-11-06T07:41:14.661Z"
+                "dateUpdated": "2024-07-08T09:27:25.880Z"
             },
             "references": [
                 {
@@ -86,10 +92,23 @@
                     "url": "https://patchstack.com/database/vulnerability/online-accessibility/wordpress-accessibility-suite-by-online-ada-plugin-4-11-sql-injection?_s_id=cve"
                 }
             ],
+            "solutions": [
+                {
+                    "lang": "en",
+                    "supportingMedia": [
+                        {
+                            "base64": false,
+                            "type": "text/html",
+                            "value": "Update to&nbsp;4.13 or a higher version."
+                        }
+                    ],
+                    "value": "Update to 4.13 or a higher version."
+                }
+            ],
             "source": {
                 "discovery": "EXTERNAL"
             },
-            "title": "WordPress Accessibility Suite by Online ADA Plugin <= 4.11 is vulnerable to SQL Injection",
+            "title": "WordPress Accessibility Suite by Online ADA Plugin <= 4.12 is vulnerable to SQL Injection",
             "x_generator": {
                 "engine": "Vulnogram 0.1.0-dev"
             }

diff --git a/cves/2023/21xxx/CVE-2023-21237.json b/cves/2023/21xxx/CVE-2023-21237.json
@@ -6,7 +6,7 @@
         "cveId": "CVE-2023-21237",
         "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
         "assignerShortName": "google_android",
-        "dateUpdated": "2024-07-04T15:30:38.846Z",
+        "dateUpdated": "2024-07-06T13:35:47.045Z",
         "dateReserved": "2022-11-03T00:00:00",
         "datePublished": "2023-06-28T00:00:00"
     },

diff --git a/cves/2023/21xxx/CVE-2023-21657.json b/cves/2023/21xxx/CVE-2023-21657.json
@@ -8,7 +8,7 @@
         "assignerShortName": "qualcomm",
         "dateReserved": "2022-12-07T02:58:25.868Z",
         "datePublished": "2023-06-06T07:39:11.763Z",
-        "dateUpdated": "2024-07-04T15:45:39.579Z"
+        "dateUpdated": "2024-07-06T14:09:27.138Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2023/21xxx/CVE-2023-21939.json b/cves/2023/21xxx/CVE-2023-21939.json
@@ -8,7 +8,7 @@
         "assignerShortName": "oracle",
         "dateReserved": "2022-12-17T19:26:00.722Z",
         "datePublished": "2023-04-18T19:54:26.274Z",
-        "dateUpdated": "2024-07-04T15:55:50.649Z"
+        "dateUpdated": "2024-07-05T19:26:49.370Z"
     },
     "containers": {
         "cna": {

diff --git a/cves/2023/25xxx/CVE-2023-25790.json b/cves/2023/25xxx/CVE-2023-25790.json
@@ -8,7 +8,7 @@
         "assignerShortName": "Patchstack",
         "dateReserved": "2023-02-15T12:10:40.367Z",
         "datePublished": "2024-04-24T15:44:12.870Z",
-        "dateUpdated": "2024-07-04T17:25:35.025Z"
+        "dateUpdated": "2024-07-06T02:49:35.000Z"
     },
     "containers": {
         "cna": {