enrich remaining vulns for 2024-05-28

Signed-off-by: Weston Steimel <[email protected]>

data/anchore/2024/CVE-2024-28042.json

@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "icscert",
+    "cveId": "CVE-2024-28042",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-02"
+    ],
+    "solutions": [
+      "Subnet Solutions has fixed these issues by identifying and replacing out\n of date libraries used in previous versions of PowerSYSTEM Center. \nUsers are advised to update to version 5.20.x.x or newer. To obtain this\n software, contact  Subnet Solution's Customer Service. https://subnet.com/contact/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:subnet:powersystem_center:*:*:*:*:*:*:*:*"
+        ],
+        "product": "PowerSYSTEM Center",
+        "vendor": "SUBNET",
+        "versions": [
+          {
+            "lessThan": "5.20",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-35299.json

@@ -0,0 +1,33 @@
+{
+  "additionalMetadata": {
+    "cna": "jetbrains",
+    "cveId": "CVE-2024-35299",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.jetbrains.com/privacy-security/issues-fixed/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*"
+        ],
+        "product": "YouTrack",
+        "vendor": "JetBrains",
+        "versions": [
+          {
+            "lessThan": "2024.1.29548",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-35300.json

@@ -0,0 +1,33 @@
+{
+  "additionalMetadata": {
+    "cna": "jetbrains",
+    "cveId": "CVE-2024-35300",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.jetbrains.com/privacy-security/issues-fixed/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*"
+        ],
+        "product": "TeamCity",
+        "vendor": "JetBrains",
+        "versions": [
+          {
+            "lessThan": "2024.03.1",
+            "status": "affected",
+            "version": "2024.03",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-35301.json

@@ -0,0 +1,33 @@
+{
+  "additionalMetadata": {
+    "cna": "jetbrains",
+    "cveId": "CVE-2024-35301",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.jetbrains.com/privacy-security/issues-fixed/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*"
+        ],
+        "product": "TeamCity",
+        "vendor": "JetBrains",
+        "versions": [
+          {
+            "lessThan": "2024.03.1",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-35302.json

@@ -0,0 +1,33 @@
+{
+  "additionalMetadata": {
+    "cna": "jetbrains",
+    "cveId": "CVE-2024-35302",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.jetbrains.com/privacy-security/issues-fixed/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*"
+        ],
+        "product": "TeamCity",
+        "vendor": "JetBrains",
+        "versions": [
+          {
+            "lessThan": "2023.11",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-4420.json

@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "google",
+    "cveId": "CVE-2024-4420",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/tink-crypto/tink-cc/issues/4"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com/tink-crypto/tink-cc",
+        "cpes": [
+          "cpe:2.3:a:google:tink:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "Tink-cc",
+        "product": "Tink",
+        "repo": "https://github.com/tink-crypto",
+        "vendor": "Google",
+        "versions": [
+          {
+            "lessThan": "2.1.3",
+            "status": "affected",
+            "version": "2.0.0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-4976.json

@@ -0,0 +1,33 @@
+{
+  "additionalMetadata": {
+    "cna": "gandc",
+    "cveId": "CVE-2024-4976",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.xpdfreader.com/security-bug/CVE-2024-4976.html"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*"
+        ],
+        "product": "Xpdf",
+        "vendor": "Xpdf",
+        "versions": [
+          {
+            "lessThan": "4.06",
+            "status": "affected",
+            "version": "0",
+            "versionType": "version"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-5040.json

@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "icscert",
+    "cveId": "CVE-2024-5040",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://www.cisa.gov/news-events/ics-advisories/icsa-24-142-01"
+    ],
+    "solutions": [
+      "LCDS recommends users update to  version 4.7.1.371 or newer of LAquis SCADA. https://laquisscada.com/  which has been configured to resolve the reported path traversal issues."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:lcds:laquis_scada:*:*:*:*:*:*:*:*"
+        ],
+        "product": "LAquis SCADA",
+        "vendor": "LCDS",
+        "versions": [
+          {
+            "lessThan": "4.7.1.371",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}