diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json index 249d00a3334..e930b552419 100644 --- a/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json @@ -2,13 +2,17 @@ "id": "CVE-2021-22509", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:04.753", - "lastModified": "2024-08-28T07:15:04.753", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1" + }, + { + "lang": "es", + "value": "Una vulnerabilidad identificada en el almacenamiento y reutilizaci\u00f3n de informaci\u00f3n en Autenticaci\u00f3n Avanzada. Este problema puede provocar la filtraci\u00f3n de datos confidenciales a usuarios no autorizados. El problema afecta a la autenticaci\u00f3n avanzada de NetIQ anterior a 6.3.5.1" } ], "metrics": { diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json index b63ea609d2e..548043ccdfa 100644 --- a/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json @@ -2,13 +2,17 @@ "id": "CVE-2021-22529", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:06.223", - "lastModified": "2024-08-28T07:15:06.223", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1" + }, + { + "lang": "es", + "value": "Una vulnerabilidad identificada en la autenticaci\u00f3n avanzada de NetIQ que filtra informaci\u00f3n confidencial del servidor. Este problema afecta a la versi\u00f3n de autenticaci\u00f3n avanzada de NetIQ anterior a 6.3.5.1" } ], "metrics": { diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json index 81cd02a73e6..c3c080e9bc6 100644 --- a/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json @@ -2,13 +2,17 @@ "id": "CVE-2021-22530", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:06.750", - "lastModified": "2024-08-28T07:15:06.750", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1" + }, + { + "lang": "es", + "value": "Una vulnerabilidad identificada en la autenticaci\u00f3n avanzada de NetIQ que no aplica el bloqueo de cuenta cuando se realiza un ataque de fuerza bruta en el inicio de sesi\u00f3n basado en API. Este problema puede comprometer la cuenta del usuario si tiene \u00e9xito o puede afectar el rendimiento del servidor. Este problema afecta a toda la autenticaci\u00f3n avanzada de NetIQ anterior a 6.3.5.1" } ], "metrics": { diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json index e3a053347f5..791710ab670 100644 --- a/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json @@ -2,13 +2,17 @@ "id": "CVE-2021-38120", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:07.303", - "lastModified": "2024-08-28T07:15:07.303", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper\nhandling in provided\u00a0command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1." + }, + { + "lang": "es", + "value": "Una vulnerabilidad identificada en la autenticaci\u00f3n avanzada que permite la inyecci\u00f3n de comandos bash en la funcionalidad de copia de seguridad controlada administrativamente debido a un manejo inadecuado de los par\u00e1metros de comando proporcionados. Este problema afecta a la versi\u00f3n de autenticaci\u00f3n avanzada de NetIQ anterior a la 6.3.5.1." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json index 624248b608a..f015ca83543 100644 --- a/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json @@ -2,13 +2,17 @@ "id": "CVE-2021-38121", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:07.807", - "lastModified": "2024-08-28T07:15:07.807", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.\u00a0 This issue affects NetIQ Advance Authentication versions before 6.3.5.1" + }, + { + "lang": "es", + "value": "Se identifica una versi\u00f3n del protocolo TLS insuficiente o d\u00e9bil en la comunicaci\u00f3n del servidor del cliente de autenticaci\u00f3n avanzada cuando se accede a un servicio espec\u00edfico entre dispositivos. Este problema afecta a las versiones de autenticaci\u00f3n avanzada de NetIQ anteriores a la 6.3.5.1" } ], "metrics": { diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json index 23e8cf89f8a..937f977c94c 100644 --- a/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json @@ -2,13 +2,17 @@ "id": "CVE-2021-38122", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:08.300", - "lastModified": "2024-08-28T07:15:08.300", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information.\nThis issue affects NetIQ Advance Authentication before 6.3.5.1" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting identificada en la autenticaci\u00f3n avanzada de NetIQ que afecta la funcionalidad del servidor y revela informaci\u00f3n confidencial. Este problema afecta a la autenticaci\u00f3n avanzada de NetIQ anterior a 6.3.5.1" } ], "metrics": { diff --git a/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json b/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json index 8b3a1d95252..4e26d5baa2a 100644 --- a/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json +++ b/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json @@ -2,13 +2,17 @@ "id": "CVE-2022-39997", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-27T19:15:15.953", - "lastModified": "2024-08-27T19:15:15.953", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges" + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema de requisito de contrase\u00f1a d\u00e9bil en el Router Teldats RS123, el RS123w permite a un atacante remoto escalar privilegios" } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-263xx/CVE-2023-26321.json b/CVE-2023/CVE-2023-263xx/CVE-2023-26321.json index e107e70eb3f..9cbf7c21e07 100644 --- a/CVE-2023/CVE-2023-263xx/CVE-2023-26321.json +++ b/CVE-2023/CVE-2023-263xx/CVE-2023-26321.json @@ -2,13 +2,17 @@ "id": "CVE-2023-26321", "sourceIdentifier": "security@xiaomi.com", "published": "2024-08-28T08:15:06.083", - "lastModified": "2024-08-28T08:15:06.083", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de path traversal en el producto de la aplicaci\u00f3n Xiaomi File Manager (versi\u00f3n internacional). La vulnerabilidad es causada por caracteres especiales sin filtrar y los atacantes pueden aprovecharla para sobrescribir y ejecutar c\u00f3digo en el archivo." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-263xx/CVE-2023-26322.json b/CVE-2023/CVE-2023-263xx/CVE-2023-26322.json index 58fb5f19fdd..0dc25b2eaa4 100644 --- a/CVE-2023/CVE-2023-263xx/CVE-2023-26322.json +++ b/CVE-2023/CVE-2023-263xx/CVE-2023-26322.json @@ -2,13 +2,17 @@ "id": "CVE-2023-26322", "sourceIdentifier": "security@xiaomi.com", "published": "2024-08-28T08:15:06.263", - "lastModified": "2024-08-28T08:15:06.263", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en el producto de aplicaci\u00f3n XiaomiGetApps. Esta vulnerabilidad se debe a que se omite la l\u00f3gica de verificaci\u00f3n y un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo malicioso." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-263xx/CVE-2023-26323.json b/CVE-2023/CVE-2023-263xx/CVE-2023-26323.json index 042438cec4f..31f5b505dd7 100644 --- a/CVE-2023/CVE-2023-263xx/CVE-2023-26323.json +++ b/CVE-2023/CVE-2023-263xx/CVE-2023-26323.json @@ -2,13 +2,17 @@ "id": "CVE-2023-26323", "sourceIdentifier": "security@xiaomi.com", "published": "2024-08-28T08:15:06.427", - "lastModified": "2024-08-28T08:15:06.427", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en el producto del mercado de aplicaciones Xiaomi. La vulnerabilidad se debe a una configuraci\u00f3n insegura y los atacantes pueden aprovecharla para ejecutar c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-263xx/CVE-2023-26324.json b/CVE-2023/CVE-2023-263xx/CVE-2023-26324.json index e8750148c30..c55c07ed3a2 100644 --- a/CVE-2023/CVE-2023-263xx/CVE-2023-26324.json +++ b/CVE-2023/CVE-2023-263xx/CVE-2023-26324.json @@ -2,13 +2,17 @@ "id": "CVE-2023-26324", "sourceIdentifier": "security@xiaomi.com", "published": "2024-08-28T08:15:06.600", - "lastModified": "2024-08-28T08:15:06.600", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en el producto de aplicaci\u00f3n XiaomiGetApps. Esta vulnerabilidad se debe a que se omite la l\u00f3gica de verificaci\u00f3n y un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo malicioso." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json index 6fc7b976e6f..faf698f696f 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json @@ -2,13 +2,17 @@ "id": "CVE-2023-43078", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-28T06:15:03.930", - "lastModified": "2024-08-28T06:15:03.930", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service." + }, + { + "lang": "es", + "value": "Dell Dock Firmware y Dell Client Platform contienen una vulnerabilidad de resoluci\u00f3n de enlace incorrecta durante la instalaci\u00f3n que provoca la eliminaci\u00f3n arbitraria de carpetas, lo que podr\u00eda provocar una escalada de privilegios o una denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45896.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45896.json index c0b1bead68b..2db0b7795d5 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45896.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45896.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45896", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T05:15:13.657", - "lastModified": "2024-08-28T05:15:13.657", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,6 +16,10 @@ { "lang": "en", "value": "ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image." + }, + { + "lang": "es", + "value": "ntfs3 en el kernel de Linux anterior a 6.5.11 permite a un atacante f\u00edsicamente pr\u00f3ximo leer la memoria del kernel montando un sistema de archivos (por ejemplo, si una distribuci\u00f3n de Linux est\u00e1 configurada para permitir montajes sin privilegios de medios extra\u00edbles) y luego aprovechar el acceso local para activar una lectura fuera de los l\u00edmites. Un valor de longitud puede ser mayor que la cantidad de memoria asignada. NOTA: la perspectiva del proveedor es que no hay vulnerabilidad cuando un ataque requiere una imagen del sistema de archivos modificada por el atacante." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1544.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1544.json index 24dc65ba18c..cac97ba4489 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1544.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1544.json @@ -2,13 +2,17 @@ "id": "CVE-2024-1544", "sourceIdentifier": "facts@wolfssl.com", "published": "2024-08-27T19:15:16.547", - "lastModified": "2024-08-27T19:15:16.547", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Generating the ECDSA nonce k samples a random number r and then \ntruncates this randomness with a modular reduction mod n where n is the \norder of the elliptic curve. Meaning k = r mod n. The division used \nduring the reduction estimates a factor q_e by dividing the upper two \ndigits (a digit having e.g. a size of 8 byte) of r by the upper digit of \nn and then decrements q_e in a loop until it has the correct size. \nObserving the number of times q_e is decremented through a control-flow \nrevealing side-channel reveals a bias in the most significant bits of \nk. Depending on the curve this is either a negligible bias or a \nsignificant bias large enough to reconstruct k with lattice reduction \nmethods. For SECP160R1, e.g., we find a bias of 15 bits." + }, + { + "lang": "es", + "value": "Generar el nonce k ECDSA muestra un n\u00famero aleatorio r y luego trunca esta aleatoriedad con una reducci\u00f3n modular mod n donde n es el orden de la curva el\u00edptica. Significado k = r mod n. La divisi\u00f3n utilizada durante la reducci\u00f3n estima un factor q_e dividiendo los dos d\u00edgitos superiores (un d\u00edgito que tiene, por ejemplo, un tama\u00f1o de 8 bytes) de r por el d\u00edgito superior de n y luego disminuye q_e en un bucle hasta que tenga el tama\u00f1o correcto. Observar el n\u00famero de veces que q_e disminuye a trav\u00e9s de un canal lateral revelador de flujo de control revela un sesgo en los bits m\u00e1s significativos de k. Dependiendo de la curva, esto es un sesgo insignificante o un sesgo significativo lo suficientemente grande como para reconstruir k con m\u00e9todos de reducci\u00f3n de celos\u00eda. Para SECP160R1, por ejemplo, encontramos un sesgo de 15 bits." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json index c0423b60204..3b1a8854026 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39584", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-28T06:15:05.607", - "lastModified": "2024-08-28T06:15:05.607", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution." + }, + { + "lang": "es", + "value": "Dell Client Platform BIOS contiene una vulnerabilidad de uso de clave criptogr\u00e1fica predeterminada. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una omisi\u00f3n del arranque seguro y la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json index 94fda4a4083..ada1f2d150d 100644 --- a/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39771", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-08-28T06:15:06.233", - "lastModified": "2024-08-28T06:15:06.233", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack." + }, + { + "lang": "es", + "value": "QBiC CLOUD CC-2L v1.1.30 y anteriores y Safie One v1.8.2 y anteriores no validan correctamente los certificados, lo que puede permitir que un atacante no autenticado adyacente a la red obtenga y/o altere las comunicaciones del producto afectado a trav\u00e9s de un hombre en el ataque medio." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42361.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42361.json index 1b07e208ffc..be15fb2d27e 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42361.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42361.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42361", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-20T21:15:14.120", - "lastModified": "2024-08-21T12:30:33.697", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-28T13:49:50.457", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,22 +81,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.6.0", + "matchCriteriaId": "CA98346A-2073-4B00-B512-4C815CC417E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/manager/src/main/java/org/dromara/hertzbeat/manager/controller/MonitorsController.java#L202", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L242", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/dromara/hertzbeat/blob/1f12ac9f2a1a3d86b1d476775e14174243b250a8/warehouse/src/main/java/org/dromara/hertzbeat/warehouse/store/HistoryTdEngineDataStorage.java#L295", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42362.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42362.json index b80a5a81bc9..6b568f675b9 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42362.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42362.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42362", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-20T21:15:14.333", - "lastModified": "2024-08-21T12:30:33.697", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-28T13:49:47.967", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,30 +81,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:hertzbeat:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.6.0", + "matchCriteriaId": "CA98346A-2073-4B00-B512-4C815CC417E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/apache/hertzbeat/commit/79f5408e345e8e89da97be05f43e3204a950ddfb", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/apache/hertzbeat/commit/9dbbfb7812fc4440ba72bdee66799edd519d06bb", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/apache/hertzbeat/pull/1611", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/apache/hertzbeat/pull/1620", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/apache/hertzbeat/pull/1620/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://securitylab.github.com/advisories/GHSL-2023-254_GHSL-2023-256_HertzBeat/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44943.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44943.json index 676743ab1ff..d6bc0fc5616 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44943.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44943.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44943", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-28T08:15:06.963", - "lastModified": "2024-08-28T08:15:06.963", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: gup: stop abusing try_grab_folio\n\nA kernel warning was reported when pinning folio in CMA memory when\nlaunching SEV virtual machine. The splat looks like:\n\n[ 464.325306] WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313 __get_user_pages+0x423/0x520\n[ 464.325464] CPU: 13 PID: 6734 Comm: qemu-kvm Kdump: loaded Not tainted 6.6.33+ #6\n[ 464.325477] RIP: 0010:__get_user_pages+0x423/0x520\n[ 464.325515] Call Trace:\n[ 464.325520] \n[ 464.325523] ? __get_user_pages+0x423/0x520\n[ 464.325528] ? __warn+0x81/0x130\n[ 464.325536] ? __get_user_pages+0x423/0x520\n[ 464.325541] ? report_bug+0x171/0x1a0\n[ 464.325549] ? handle_bug+0x3c/0x70\n[ 464.325554] ? exc_invalid_op+0x17/0x70\n[ 464.325558] ? asm_exc_invalid_op+0x1a/0x20\n[ 464.325567] ? __get_user_pages+0x423/0x520\n[ 464.325575] __gup_longterm_locked+0x212/0x7a0\n[ 464.325583] internal_get_user_pages_fast+0xfb/0x190\n[ 464.325590] pin_user_pages_fast+0x47/0x60\n[ 464.325598] sev_pin_memory+0xca/0x170 [kvm_amd]\n[ 464.325616] sev_mem_enc_register_region+0x81/0x130 [kvm_amd]\n\nPer the analysis done by yangge, when starting the SEV virtual machine, it\nwill call pin_user_pages_fast(..., FOLL_LONGTERM, ...) to pin the memory. \nBut the page is in CMA area, so fast GUP will fail then fallback to the\nslow path due to the longterm pinnalbe check in try_grab_folio().\n\nThe slow path will try to pin the pages then migrate them out of CMA area.\nBut the slow path also uses try_grab_folio() to pin the page, it will\nalso fail due to the same check then the above warning is triggered.\n\nIn addition, the try_grab_folio() is supposed to be used in fast path and\nit elevates folio refcount by using add ref unless zero. We are guaranteed\nto have at least one stable reference in slow path, so the simple atomic add\ncould be used. The performance difference should be trivial, but the\nmisuse may be confusing and misleading.\n\nRedefined try_grab_folio() to try_grab_folio_fast(), and try_grab_page()\nto try_grab_folio(), and use them in the proper paths. This solves both\nthe abuse and the kernel warning.\n\nThe proper naming makes their usecase more clear and should prevent from\nabusing in the future.\n\npeterx said:\n\n: The user will see the pin fails, for gpu-slow it further triggers the WARN\n: right below that failure (as in the original report):\n: \n: folio = try_grab_folio(page, page_increm - 1,\n: foll_flags);\n: if (WARN_ON_ONCE(!folio)) { <------------------------ here\n: /*\n: * Release the 1st page ref if the\n: * folio is problematic, fail hard.\n: */\n: gup_put_folio(page_folio(page), 1,\n: foll_flags);\n: ret = -EFAULT;\n: goto out;\n: }\n\n[1] https://lore.kernel.org/linux-mm/1719478388-31917-1-git-send-email-yangge1116@126.com/\n\n[shy828301@gmail.com: fix implicit declaration of function try_grab_folio_fast]\n Link: https://lkml.kernel.org/r/CAHbLzkowMSso-4Nufc9hcMehQsK9PNz3OSu-+eniU-2Mm-xjhA@mail.gmail.com" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm: gup: deja de abusar de try_grab_folio Se inform\u00f3 una advertencia del kernel al fijar folio en la memoria CMA al iniciar la m\u00e1quina virtual SEV. El s\u00edmbolo se ve as\u00ed: [464.325306] ADVERTENCIA: CPU: 13 PID: 6734 en mm/gup.c:1313 __get_user_pages+0x423/0x520 [464.325464] CPU: 13 PID: 6734 Comm: qemu-kvm Kdump: cargado No contaminado 6.6. 33+ #6 [ 464.325477] RIP: 0010:__get_user_pages+0x423/0x520 [ 464.325515] Seguimiento de llamadas: [ 464.325520] [ 464.325523] ? __get_user_pages+0x423/0x520 [464.325528] ? __advertir+0x81/0x130 [ 464.325536] ? __get_user_pages+0x423/0x520 [464.325541] ? report_bug+0x171/0x1a0 [464.325549]? handle_bug+0x3c/0x70 [464.325554]? exc_invalid_op+0x17/0x70 [464.325558]? asm_exc_invalid_op+0x1a/0x20 [464.325567]? __get_user_pages+0x423/0x520 [ 464.325575] __gup_longterm_locked+0x212/0x7a0 [ 464.325583] internal_get_user_pages_fast+0xfb/0x190 [ 464.325590] pin_user_pages_fast+0x47/0x60 [ 4 64.325598] sev_pin_memory+0xca/0x170 [kvm_amd] [ 464.325616] sev_mem_enc_register_region+0x81/0x130 [kvm_amd ] Seg\u00fan el an\u00e1lisis realizado por yangge, al iniciar la m\u00e1quina virtual SEV, llamar\u00e1 a pin_user_pages_fast(..., FOLL_LONGTERM, ...) para fijar la memoria. Pero la p\u00e1gina est\u00e1 en el \u00e1rea CMA, por lo que el GUP r\u00e1pido fallar\u00e1 y luego volver\u00e1 a la ruta lenta debido a la verificaci\u00f3n pinnalbe a largo plazo en try_grab_folio(). La ruta lenta intentar\u00e1 fijar las p\u00e1ginas y luego migrarlas fuera del \u00e1rea CMA. Pero la ruta lenta tambi\u00e9n usa try_grab_folio() para fijar la p\u00e1gina, tambi\u00e9n fallar\u00e1 debido a la misma verificaci\u00f3n y luego se activa la advertencia anterior. Adem\u00e1s, se supone que try_grab_folio() se usa en la ruta r\u00e1pida y eleva el recuento de folios usando add ref a menos que sea cero. Tenemos la garant\u00eda de tener al menos una referencia estable en una ruta lenta, por lo que se podr\u00eda utilizar la adici\u00f3n at\u00f3mica simple. La diferencia de rendimiento deber\u00eda ser trivial, pero el mal uso puede resultar confuso y enga\u00f1oso. Redefini\u00f3 try_grab_folio() a try_grab_folio_fast() y try_grab_page() a try_grab_folio(), y util\u00edcelos en las rutas adecuadas. Esto resuelve tanto el abuso como la advertencia del kernel. La denominaci\u00f3n adecuada aclara su caso de uso y deber\u00eda evitar abusos en el futuro. peterx dijo: El usuario ver\u00e1 que el pin falla, para gpu-slow activa a\u00fan m\u00e1s la ADVERTENCIA: justo debajo de ese error (como en el informe original): : : folio = try_grab_folio(page, page_increm - 1, : foll_flags); : if (WARN_ON_ONCE(!folio)) { <------------------------ aqu\u00ed : /* : * Liberar la referencia de la primera p\u00e1gina si : * El folio es problem\u00e1tico, falla mucho. : */ : gup_put_folio(page_folio(p\u00e1gina), 1, : foll_flags); : ret = -EFALLO; : salir; : } [1] https://lore.kernel.org/linux-mm/1719478388-31917-1-git-send-email-yangge1116@126.com/ [shy828301@gmail.com: corrige la declaraci\u00f3n impl\u00edcita de la funci\u00f3n try_grab_folio_fast ] Enlace: https://lkml.kernel.org/r/CAHbLzkowMSso-4Nufc9hcMehQsK9PNz3OSu-+eniU-2Mm-xjhA@mail.gmail.com" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45037.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45037.json index 9d6284016d1..f19656ce383 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45037.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45037.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45037", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-27T19:15:17.583", - "lastModified": "2024-08-27T19:15:17.583", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer\u2019s AWS account. CDK contains pre-built components called \"constructs\" that are higher-level abstractions providing defaults and best practices. This approach enables developers to use familiar programming languages to define complex cloud infrastructure more efficiently than writing raw CloudFormation templates. We identified an issue in AWS Cloud Development Kit (CDK) which, under certain conditions, can result in granting authenticated Amazon Cognito users broader than intended access. Specifically, if a CDK application uses the \"RestApi\" construct with \"CognitoUserPoolAuthorizer\" as the authorizer and uses authorization scopes to limit access. This issue does not affect the availability of the specific API resources. Authenticated Cognito users may gain unintended access to protected API resources or methods, leading to potential data disclosure, and modification issues. Impacted versions: >=2.142.0;<=2.148.0. A patch is included in CDK versions >=2.148.1. Users are advised to upgrade their AWS CDK version to 2.148.1 or newer and re-deploy their application(s) to address this issue." + }, + { + "lang": "es", + "value": "El kit de desarrollo de la nube (CDK) de AWS es un framework de c\u00f3digo abierto para definir la infraestructura de la nube mediante c\u00f3digo. Los clientes lo utilizan para crear sus propias aplicaciones que se convierten en plantillas de AWS CloudFormation durante la implementaci\u00f3n en la cuenta de AWS del cliente. CDK contiene componentes predise\u00f1ados llamados \"construcciones\" que son abstracciones de nivel superior que proporcionan valores predeterminados y mejores pr\u00e1cticas. Este enfoque permite a los desarrolladores utilizar lenguajes de programaci\u00f3n familiares para definir una infraestructura de nube compleja de manera m\u00e1s eficiente que escribir plantillas de CloudFormation sin procesar. Identificamos un problema en el kit de desarrollo de la nube (CDK) de AWS que, bajo ciertas condiciones, puede dar lugar a que se otorgue a los usuarios autenticados de Amazon Cognito un acceso m\u00e1s amplio del previsto. Espec\u00edficamente, si una aplicaci\u00f3n CDK usa la construcci\u00f3n \"RestApi\" con \"CognitoUserPoolAuthorizer\" como autorizador y usa alcances de autorizaci\u00f3n para limitar el acceso. Este problema no afecta la disponibilidad de los recursos API espec\u00edficos. Los usuarios autenticados de Cognito pueden obtener acceso no deseado a recursos o m\u00e9todos de API protegidos, lo que puede generar problemas de modificaci\u00f3n y divulgaci\u00f3n de datos. Versiones afectadas: >=2.142.0;<=2.148.0. Se incluye un parche en las versiones CDK >=2.148.1. Se recomienda a los usuarios que actualicen su versi\u00f3n de AWS CDK a 2.148.1 o m\u00e1s reciente y vuelvan a implementar sus aplicaciones para solucionar este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45038.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45038.json index 3cd5325c034..1610d83b2ea 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45038.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45038.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45038", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-27T21:15:07.380", - "lastModified": "2024-08-27T21:15:07.380", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "El firmware del dispositivo Meshtastic es un firmware para que los dispositivos meshtastic ejecuten una red de malla de c\u00f3digo abierto, fuera de la red, descentralizada y dise\u00f1ada para funcionar en dispositivos asequibles y de bajo consumo. El firmware del dispositivo Meshtastic est\u00e1 sujeto a una vulnerabilidad de denegaci\u00f3n de servicio en el manejo de MQTT, corregida en la versi\u00f3n 2.4.1 del firmware Meshtastic y en el Broker MQTT p\u00fablico Meshtastic. Se recomienda encarecidamente que todos los usuarios de Meshtastic, especialmente aquellos que se conectan a un servidor MQTT alojado de forma privada, actualicen a esta o a una versi\u00f3n estable m\u00e1s reciente de inmediato. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45049.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45049.json index 45a58d39f9b..f1a2cd65fc0 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45049.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45049.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45049", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-27T21:15:07.603", - "lastModified": "2024-08-27T21:15:07.603", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying https://github.com/NixOS/hydra/commit/f73043378907c2c7e44f633ad764c8bdd1c947d5 to any Hydra package. Users are advised to upgrade. Users unable to upgrade should deny the `/api/push` route in a reverse proxy. This also breaks the \"Evaluate jobset\" button in the frontend." + }, + { + "lang": "es", + "value": "Hydra es un servicio de integraci\u00f3n continua para proyectos basados en Nix. Es posible activar evaluaciones en Hydra sin ninguna autenticaci\u00f3n. Dependiendo del tama\u00f1o de las evaluaciones, esto puede afectar la disponibilidad de los sistemas. El problema se puede solucionar aplicando https://github.com/NixOS/hydra/commit/f73043378907c2c7e44f633ad764c8bdd1c947d5 a cualquier paquete Hydra. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben rechazar la ruta `/api/push` en un proxy inverso. Esto tambi\u00e9n rompe el bot\u00f3n \"Evaluar conjunto de trabajos\" en la interfaz." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json index 7d909123bd6..2cc12fc7f7e 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45346", "sourceIdentifier": "security@xiaomi.com", "published": "2024-08-28T07:15:08.823", - "lastModified": "2024-08-28T08:15:07.033", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code." + "value": "The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en el producto de aplicaci\u00f3n XiaomiGetApps. Esta vulnerabilidad se debe a que se omite la l\u00f3gica de verificaci\u00f3n y un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json index 015a963e387..1f139e1c21e 100644 --- a/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4554", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:09.330", - "lastModified": "2024-08-28T07:15:09.330", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack.\u00a0This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta en OpenText NetIQ Access Manager provoca un ataque de cross site scripting (XSS). Este problema afecta a NetIQ Access Manager anterior a 5.0.4.1 y 5.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json index 7f66da18669..87ab2447fb9 100644 --- a/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4555", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:09.830", - "lastModified": "2024-08-28T07:15:09.830", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario.\u00a0This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de gesti\u00f3n de privilegios inadecuada en OpenText NetIQ Access Manager permite la suplantaci\u00f3n de cuentas de usuario en un escenario espec\u00edfico. Este problema afecta a NetIQ Access Manager anterior a 5.0.4.1 y anterior a 5.1" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json index cf40bac4ea4..4f2d3029c8a 100644 --- a/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4556", "sourceIdentifier": "security@opentext.com", "published": "2024-08-28T07:15:10.320", - "lastModified": "2024-08-28T07:15:10.320", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information.\u00a0This issue affects NetIQ Access Manager before 5.0.4 and before 5.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") en OpenText NetIQ Access Manager permite acceder a informaci\u00f3n confidencial. Este problema afecta a NetIQ Access Manager anterior a 5.0.4 y anterior a 5.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-52xx/CVE-2024-5288.json b/CVE-2024/CVE-2024-52xx/CVE-2024-5288.json index 150d30ce9d4..59775cf7ddc 100644 --- a/CVE-2024/CVE-2024-52xx/CVE-2024-5288.json +++ b/CVE-2024/CVE-2024-52xx/CVE-2024-5288.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5288", "sourceIdentifier": "facts@wolfssl.com", "published": "2024-08-27T19:15:17.797", - "lastModified": "2024-08-27T19:15:17.797", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys,\n\nsuch as in server-side TLS connections, the connection is halted if any fault occurs.\u00a0The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en wolfSSL antes de 5.7.0. Un ataque de error seguro a trav\u00e9s de Rowhammer, concretamente FAULT+PROBE, conduce a la divulgaci\u00f3n de la clave ECDSA. Cuando se utiliza WOLFSSL_CHECK_SIG_FAULTS en operaciones de firma con claves ECC privadas, como en conexiones TLS del lado del servidor, la conexi\u00f3n se detiene si se produce alg\u00fan error. La tasa de \u00e9xito en una cierta cantidad de solicitudes de conexi\u00f3n se puede procesar mediante una t\u00e9cnica avanzada para la recuperaci\u00f3n de claves ECDSA." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-55xx/CVE-2024-5546.json b/CVE-2024/CVE-2024-55xx/CVE-2024-5546.json index 4ec56d39a45..aab59fbb87d 100644 --- a/CVE-2024/CVE-2024-55xx/CVE-2024-5546.json +++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5546.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5546", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2024-08-28T09:15:11.103", - "lastModified": "2024-08-28T09:15:11.103", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zohocorp\u00a0ManageEngine Password Manager Pro versions before 12431 and\u00a0ManageEngine PAM360 versions\u00a0before 7001 are affected by\u00a0authenticated SQL Injection vulnerability via a global search option." + }, + { + "lang": "es", + "value": "Las versiones de Zohocorp ManageEngine Password Manager Pro anteriores a 12431 y las versiones de ManageEngine PAM360 anteriores a 7001 se ven afectadas por una vulnerabilidad de inyecci\u00f3n SQL autenticada a trav\u00e9s de una opci\u00f3n de b\u00fasqueda global." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5814.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5814.json index d6ee4187440..e76f7450cfb 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5814.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5814.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5814", "sourceIdentifier": "facts@wolfssl.com", "published": "2024-08-27T19:15:17.980", - "lastModified": "2024-08-27T20:35:37.640", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500" + }, + { + "lang": "es", + "value": "Un servidor TLS1.2 malicioso puede obligar a un cliente TLS1.3 con capacidad de degradaci\u00f3n a utilizar un conjunto de cifrado con el que no estuvo de acuerdo y lograr una conexi\u00f3n exitosa. Esto se debe a que, aparte de las extensiones, el cliente se saltaba por completo el an\u00e1lisis del saludo del servidor. https://doi.org/10.46586/tches.v2024.i1.457-500" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5991.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5991.json index 30a9c0c84d9..a573720d53c 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5991.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5991.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5991", "sourceIdentifier": "facts@wolfssl.com", "published": "2024-08-27T19:15:18.080", - "lastModified": "2024-08-27T19:15:18.080", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0." + }, + { + "lang": "es", + "value": "En la funci\u00f3n MatchDomainName(), el par\u00e1metro de entrada str se trata como una cadena terminada en NULL a pesar de haber sido proporcionado por el usuario y no estar marcado. Espec\u00edficamente, la funci\u00f3n X509_check_host() toma un puntero y una longitud para verificar, sin requisitos de que termine en NULL. Si una persona que llama intentaba realizar una verificaci\u00f3n de nombre en un b\u00fafer terminado en NULL, el c\u00f3digo se le\u00eda m\u00e1s all\u00e1 de los l\u00edmites de la matriz de entrada hasta encontrar un terminador NULL. Este problema afecta a wolfSSL: hasta 5.7.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json index 9d2749ae0a4..3d3a0ea3ef9 100644 --- a/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6311", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-28T07:15:10.800", - "lastModified": "2024-08-28T07:15:10.800", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'af2_add_font' function in all versions up to, and including, 3.7.3.2. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento Funnelforms Free para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n 'af2_add_font' en todas las versiones hasta la 3.7.3.2 incluida. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json index 81d3b8794fc..fe7b5989670 100644 --- a/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6312", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-28T07:15:11.413", - "lastModified": "2024-08-28T07:15:11.413", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. This is due to the plugin not properly validating a file or its path prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento Funnelforms Free para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos en todas las versiones hasta la 3.7.3.2 incluida a trav\u00e9s de la funci\u00f3n 'af2DeleteFontFile'. Esto se debe a que el complemento no valida correctamente un archivo o su ruta antes de eliminarlo. Esto hace posible que atacantes no autenticados eliminen archivos arbitrarios, incluido el archivo wp-config.php, lo que puede hacer posible la toma de control del sitio y la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6448.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6448.json index dd7e2f2dd99..a9668b5c2fc 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6448.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6448.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6448", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-28T04:15:11.320", - "lastModified": "2024-08-28T04:15:11.320", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. This is due to the error reporting being enabled by default in multiple plugin files. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use." + }, + { + "lang": "es", + "value": "El complemento Mollie Payments for WooCommerce para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 7.7.0 incluida. Esto se debe a que el informe de errores est\u00e1 habilitado de forma predeterminada en varios archivos de complementos. Esto hace posible que los atacantes no autenticados obtengan la ruta completa a las instancias, que pueden utilizar en combinaci\u00f3n con otras vulnerabilidades o para simplificar el trabajo de reconocimiento. Por s\u00ed sola, esta informaci\u00f3n tiene una utilidad muy limitada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6449.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6449.json new file mode 100644 index 00000000000..3df3ed8c0ca --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6449.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-6449", + "sourceIdentifier": "cvd@cert.pl", + "published": "2024-08-28T12:15:06.340", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "HyperView\u00a0Geoportal Toolkit in versions though\u00a08.2.4 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters.\nAn unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by the attacker and execute them in the user space.\nBy manipulating this parameter it is also possible to enumerate some of the devices in Local Area Network in which the server resides." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-942" + } + ] + } + ], + "references": [ + { + "url": "https://cert.pl/en/posts/2024/08/CVE-2024-6449", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/posts/2024/08/CVE-2024-6449", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6450.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6450.json new file mode 100644 index 00000000000..6ff76731235 --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6450.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-6450", + "sourceIdentifier": "cvd@cert.pl", + "published": "2024-08-28T12:15:06.507", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "HyperView\u00a0Geoportal Toolkit in versions though\u00a08.2.4 is vulnerable to Reflected Cross-Site Scripting (XSS). An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://cert.pl/en/posts/2024/08/CVE-2024-6449", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/posts/2024/08/CVE-2024-6449", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7269.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7269.json index 7f16ea40506..85ee5b54dc1 100644 --- a/CVE-2024/CVE-2024-72xx/CVE-2024-7269.json +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7269.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7269", "sourceIdentifier": "cvd@cert.pl", "published": "2024-08-28T11:15:13.850", - "lastModified": "2024-08-28T11:15:13.850", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7447.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7447.json new file mode 100644 index 00000000000..ef894d6a153 --- /dev/null +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7447.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-7447", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-28T12:15:06.620", + "lastModified": "2024-08-28T12:57:17.117", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor \u2013 Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'fnsf_af2_handel_file_upload' function in all versions up to, and including, 3.7.3.2. This makes it possible for unauthenticated attackers to upload arbitrary media to the site, even if no forms exist." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/funnelforms-free/trunk/frontend/frontend.php#L2577", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3141470/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9871f683-136e-45b5-90fb-a373a771014b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7573.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7573.json index 30e7c0f0625..4c7a0d6e90a 100644 --- a/CVE-2024/CVE-2024-75xx/CVE-2024-7573.json +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7573.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7573", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-28T03:15:03.803", - "lastModified": "2024-08-28T03:15:03.803", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. This is due to insufficient validation of input supplied via POST data in the 'search' function. This makes it possible for unauthenticated attackers to inject arbitrary arguments into a WP_Query query and potentially expose sensitive information such as attachments or private posts." + }, + { + "lang": "es", + "value": "El complemento Relevanssi Live Ajax Search para WordPress es vulnerable a la inyecci\u00f3n de argumentos en todas las versiones hasta la 2.4 incluida. Esto se debe a una validaci\u00f3n insuficiente de la entrada proporcionada a trav\u00e9s de datos POST en la funci\u00f3n de 'b\u00fasqueda'. Esto hace posible que atacantes no autenticados inyecten argumentos arbitrarios en una consulta WP_Query y potencialmente expongan informaci\u00f3n confidencial como archivos adjuntos o publicaciones privadas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7608.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7608.json index 1c7b3f1fcf8..612bda0973e 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7608.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7608.json @@ -2,13 +2,13 @@ "id": "CVE-2024-7608", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2024-08-27T08:15:05.980", - "lastModified": "2024-08-28T09:15:11.340", + "lastModified": "2024-08-28T12:15:06.900", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "An authenticated user can download sensitive files from NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact." + "value": "An authenticated user can access the restricted files from NX, EX, FX, AX, IVX and CMS using path traversal." }, { "lang": "es", @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", - "privilegesRequired": "NONE", + "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "HIGH", - "baseScore": 6.4, + "baseScore": 5.9, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.6, + "exploitabilityScore": 1.2, "impactScore": 4.7 } ] diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8030.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8030.json index e05e69cb8b6..5e2076779e7 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8030.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8030.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8030", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-28T03:15:04.040", - "lastModified": "2024-08-28T03:15:04.040", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the _ultimate_store_kit_wishlist cookie in versions up to , and including, 2.0.3. This makes it possible for an unauthenticated attacker to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker or above to delete arbitrary files, retrieve sensitive data, or execute code." + }, + { + "lang": "es", + "value": "El complemento Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table y Woocommerce Slider es vulnerable a la inyecci\u00f3n de objetos PHP a trav\u00e9s de la deserializaci\u00f3n de entradas que no son de confianza a trav\u00e9s de la cookie _ultimate_store_kit_wishlist en versiones hasta 2.0.3 incluida. Esto hace posible que un atacante no autenticado inyecte un objeto PHP. No hay ninguna cadena POP presente en el complemento vulnerable. Si una cadena POP est\u00e1 presente a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante o superior eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8210.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8210.json index 4eb2677b882..23e06831414 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8210.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8210.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8210", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T19:15:18.250", - "lastModified": "2024-08-27T19:15:18.250", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This affects the function sprintf of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_mount leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS- 326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814. ha sido clasificado como cr\u00edtico. Esto afecta la funci\u00f3n sprintf del archivo /cgi-bin/hd_config.cgi. La manipulaci\u00f3n del argumento f_mount conduce a la inyecci\u00f3n de comandos. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8211.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8211.json index 9b4a2bf4940..507d95542fc 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8211.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8211.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8211", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T19:15:18.553", - "lastModified": "2024-08-27T19:15:18.553", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been declared as critical. This vulnerability affects the function cgi_FMT_Std2R1_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_newly_dev leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS- 326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814. ha sido declarado cr\u00edtico. Esta vulnerabilidad afecta a la funci\u00f3n cgi_FMT_Std2R1_DiskMGR del archivo /cgi-bin/hd_config.cgi. La manipulaci\u00f3n del argumento f_newly_dev conduce a la inyecci\u00f3n de comandos. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8212.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8212.json index 34eda48a9da..039d2cbc2d7 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8212.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8212.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8212", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T20:15:09.110", - "lastModified": "2024-08-27T20:15:09.110", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been rated as critical. This issue affects the function cgi_FMT_R12R5_2nd_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS- 326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814. ha sido calificado como cr\u00edtico. Este problema afecta la funci\u00f3n cgi_FMT_R12R5_2nd_DiskMGR del archivo /cgi-bin/hd_config.cgi. La manipulaci\u00f3n del argumento f_source_dev conduce a la inyecci\u00f3n de comandos. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8213.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8213.json index 96dc9c9df47..1484551f17a 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8213.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8213.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8213", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T20:15:09.423", - "lastModified": "2024-08-27T20:15:09.423", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is the function cgi_FMT_R12R5_1st_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Una vulnerabilidad clasificada como cr\u00edtica ha sido encontrada en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS- 325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 en adelante a 20240814. La funci\u00f3n cgi_FMT_R12R5_1st_DiskMGR del fichero /cgi-bin/hd_config.cgi es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento f_source_dev conduce a la inyecci\u00f3n de comandos. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8214.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8214.json index 19d6648cd48..6fc3ae4e206 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8214.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8214.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8214", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T20:15:09.703", - "lastModified": "2024-08-27T20:15:09.703", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected by this vulnerability is the function cgi_FMT_Std2R5_2nd_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Una vulnerabilidad clasificada como cr\u00edtica fue encontrada en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325 , DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814. La funci\u00f3n cgi_FMT_Std2R5_2nd_DiskMGR del archivo /cgi-bin/hd_config.cgi es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento f_source_dev conduce a la inyecci\u00f3n de comandos. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8216.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8216.json index 5efd4646adf..c7291ab3fc2 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8216.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8216.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8216", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T21:15:07.830", - "lastModified": "2024-08-27T21:15:07.830", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument recipt_no leads to improper access controls. The attack may be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en nafisulbari/itsourcecode Insurance Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo editPayment.php del componente Payment Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento recipt_no conduce a controles de acceso inadecuados. El ataque puede lanzarse de forma remota. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8217.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8217.json index 9b715a1434c..70536a43892 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8217.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8217.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8217", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T21:15:08.093", - "lastModified": "2024-08-27T21:15:08.093", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester E-Commerce Website 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /Admin/registration.php. La manipulaci\u00f3n del argumento fname conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8218.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8218.json index f5c60b30246..16728c7c428 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8218.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8218.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8218", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T21:15:08.350", - "lastModified": "2024-08-27T21:15:08.350", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en los proyectos de c\u00f3digo Online Quiz Site 1.0 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo index.php. La manipulaci\u00f3n del argumento loginid conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8219.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8219.json index 7251805715a..76368ae800d 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8219.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8219.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8219", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T22:15:05.340", - "lastModified": "2024-08-27T22:15:05.340", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en los proyectos de c\u00f3digo Responsive Hotel Site 1.0. Ha sido clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo index.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento nombre/tel\u00e9fono/correo electr\u00f3nico conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8220.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8220.json index 235d72f9a12..b30b5bd16e3 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8220.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8220.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8220", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T22:15:05.630", - "lastModified": "2024-08-27T22:15:05.630", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:39.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file staffedit.php. The manipulation of the argument id/stafftype/address/fullname/phonenumber/salary leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en su c\u00f3digo fuente Tailoring Management System 1.0. Ha sido declarada cr\u00edtica. Una funci\u00f3n desconocida del archivo staffedit.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento id/tipo de personal/direcci\u00f3n/nombre completo/n\u00famero de tel\u00e9fono/salario conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8221.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8221.json index 5ef98cb1756..a541d7b67ff 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8221.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8221.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8221", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T22:15:05.877", - "lastModified": "2024-08-27T22:15:05.877", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Music Gallery Site 1.0. Ha sido calificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/categories/manage_category.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8222.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8222.json index 130addc9da8..320bb82a7bc 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8222.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8222.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8222", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T23:15:03.360", - "lastModified": "2024-08-27T23:15:03.360", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file /admin/?page=musics/manage_music. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en SourceCodester Music Gallery Site 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /admin/?page=musics/manage_music. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8223.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8223.json index 679cd542668..f00048f232d 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8223.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8223.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8223", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T23:15:03.650", - "lastModified": "2024-08-27T23:15:03.650", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Music Gallery Site 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /classes/Master.php?f=delete_category. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8224.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8224.json index d696dd80f48..cf34b88b78d 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8224.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8224.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8224", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T23:15:03.920", - "lastModified": "2024-08-27T23:15:03.920", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda G3 15.11.0.20 y clasificada como cr\u00edtica. Este problema afecta a la funci\u00f3n formSetDebugCfg del archivo /goform/setDebugCfg. La manipulaci\u00f3n del argumento enable/level/module conduce a un desbordamiento del b\u00fafer basado en pila. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8225.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8225.json index b9f58c97c47..8743dff43b4 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8225.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8225.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8225", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-27T23:15:04.207", - "lastModified": "2024-08-27T23:15:04.207", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda G3 15.11.0.20 y clasificada como cr\u00edtica. La funci\u00f3n formSetSysTime del fichero /goform/SetSysTimeCfg es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento sysTimePolicy provoca un desbordamiento del b\u00fafer basado en pila. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8226.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8226.json index 1d88cee4d44..8b4a7a0d3c3 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8226.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8226.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8226", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T00:15:04.287", - "lastModified": "2024-08-28T00:15:04.287", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en Tenda O1 1.0.0.7(10648) y clasificada como cr\u00edtica. La funci\u00f3n formSetCfm del archivo /goform/setcfm es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento funcpara1 provoca un desbordamiento del b\u00fafer basado en pila. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8227.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8227.json index 83f41eff553..01945241d00 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8227.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8227.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8227", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T00:15:04.550", - "lastModified": "2024-08-28T00:15:04.550", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda O1 1.0.0.7(10648) y clasificada como cr\u00edtica. La funci\u00f3n fromDhcpSetSer del archivo /goform/DhcpSetSer es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 provoca un desbordamiento del b\u00fafer basado en pila. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8228.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8228.json index 94737819be4..f97651feda3 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8228.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8228.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8228", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T00:15:04.807", - "lastModified": "2024-08-28T00:15:04.807", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Tenda O5 1.0.0.8(5017). Ha sido clasificada como cr\u00edtica. Esto afecta a la funci\u00f3n fromSafeSetMacFilter del archivo /goform/setMacFilterList. La manipulaci\u00f3n del argumento comentario/tipo/hora conduce a un desbordamiento del b\u00fafer basado en pila. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8229.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8229.json index 5d1403d28e0..c0c66cae1ea 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8229.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8229.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8229", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T01:15:03.353", - "lastModified": "2024-08-28T01:15:03.353", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda O6 1.0.0.7(2054). Ha sido declarada cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n frommacFilterModify del archivo /goform/operateMacFilter. La manipulaci\u00f3n del argumento mac conduce a un desbordamiento del b\u00fafer basado en pila. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8230.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8230.json index fbd4d701ef2..a7830431622 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8230.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8230.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8230", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T02:15:03.850", - "lastModified": "2024-08-28T02:15:03.850", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda O6 1.0.0.7(2054). Ha sido calificada como cr\u00edtica. Este problema afecta la funci\u00f3n fromSafeSetMacFilter del archivo /goform/setMacFilterList. La manipulaci\u00f3n del argumento comentario/tipo/hora conduce a un desbordamiento del b\u00fafer basado en pila. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8231.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8231.json index 62aa72976b1..1d6dd2a2da9 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8231.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8231.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8231", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-28T02:15:04.160", - "lastModified": "2024-08-28T02:15:04.160", - "vulnStatus": "Received", + "lastModified": "2024-08-28T12:57:27.610", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en Tenda O6 1.0.0.7(2054) y clasificada como cr\u00edtica. La funci\u00f3n fromVirtualSet del fichero /goform/setPortForward es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento ip/localPort/publicPort/app conduce a un desbordamiento del b\u00fafer basado en pila. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/README.md b/README.md index e61ae20afad..3c1438914c4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-28T12:00:17.326743+00:00 +2024-08-28T14:00:18.251726+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-28T11:15:13.850000+00:00 +2024-08-28T13:49:50.457000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261366 +261369 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `3` -- [CVE-2024-7269](CVE-2024/CVE-2024-72xx/CVE-2024-7269.json) (`2024-08-28T11:15:13.850`) +- [CVE-2024-6449](CVE-2024/CVE-2024-64xx/CVE-2024-6449.json) (`2024-08-28T12:15:06.340`) +- [CVE-2024-6450](CVE-2024/CVE-2024-64xx/CVE-2024-6450.json) (`2024-08-28T12:15:06.507`) +- [CVE-2024-7447](CVE-2024/CVE-2024-74xx/CVE-2024-7447.json) (`2024-08-28T12:15:06.620`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `58` -- [CVE-2022-1606](CVE-2022/CVE-2022-16xx/CVE-2022-1606.json) (`2024-08-28T11:15:12.463`) -- [CVE-2022-1911](CVE-2022/CVE-2022-19xx/CVE-2022-1911.json) (`2024-08-28T11:15:13.070`) -- [CVE-2022-3284](CVE-2022/CVE-2022-32xx/CVE-2022-3284.json) (`2024-08-28T11:15:13.183`) -- [CVE-2022-4264](CVE-2022/CVE-2022-42xx/CVE-2022-4264.json) (`2024-08-28T11:15:13.310`) -- [CVE-2022-4270](CVE-2022/CVE-2022-42xx/CVE-2022-4270.json) (`2024-08-28T11:15:13.420`) -- [CVE-2022-4858](CVE-2022/CVE-2022-48xx/CVE-2022-4858.json) (`2024-08-28T11:15:13.513`) -- [CVE-2022-4861](CVE-2022/CVE-2022-48xx/CVE-2022-4861.json) (`2024-08-28T11:15:13.630`) -- [CVE-2022-4862](CVE-2022/CVE-2022-48xx/CVE-2022-4862.json) (`2024-08-28T11:15:13.723`) +- [CVE-2024-7269](CVE-2024/CVE-2024-72xx/CVE-2024-7269.json) (`2024-08-28T12:57:17.117`) +- [CVE-2024-7573](CVE-2024/CVE-2024-75xx/CVE-2024-7573.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-7608](CVE-2024/CVE-2024-76xx/CVE-2024-7608.json) (`2024-08-28T12:15:06.900`) +- [CVE-2024-8030](CVE-2024/CVE-2024-80xx/CVE-2024-8030.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8210](CVE-2024/CVE-2024-82xx/CVE-2024-8210.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8211](CVE-2024/CVE-2024-82xx/CVE-2024-8211.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8212](CVE-2024/CVE-2024-82xx/CVE-2024-8212.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8213](CVE-2024/CVE-2024-82xx/CVE-2024-8213.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8214](CVE-2024/CVE-2024-82xx/CVE-2024-8214.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8216](CVE-2024/CVE-2024-82xx/CVE-2024-8216.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8217](CVE-2024/CVE-2024-82xx/CVE-2024-8217.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8218](CVE-2024/CVE-2024-82xx/CVE-2024-8218.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8219](CVE-2024/CVE-2024-82xx/CVE-2024-8219.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8220](CVE-2024/CVE-2024-82xx/CVE-2024-8220.json) (`2024-08-28T12:57:39.090`) +- [CVE-2024-8221](CVE-2024/CVE-2024-82xx/CVE-2024-8221.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8222](CVE-2024/CVE-2024-82xx/CVE-2024-8222.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8223](CVE-2024/CVE-2024-82xx/CVE-2024-8223.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8224](CVE-2024/CVE-2024-82xx/CVE-2024-8224.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8225](CVE-2024/CVE-2024-82xx/CVE-2024-8225.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8226](CVE-2024/CVE-2024-82xx/CVE-2024-8226.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8227](CVE-2024/CVE-2024-82xx/CVE-2024-8227.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8228](CVE-2024/CVE-2024-82xx/CVE-2024-8228.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8229](CVE-2024/CVE-2024-82xx/CVE-2024-8229.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8230](CVE-2024/CVE-2024-82xx/CVE-2024-8230.json) (`2024-08-28T12:57:27.610`) +- [CVE-2024-8231](CVE-2024/CVE-2024-82xx/CVE-2024-8231.json) (`2024-08-28T12:57:27.610`) ## Download and Usage diff --git a/_state.csv b/_state.csv index aa6847008a3..0afdd6dc9d2 100644 --- a/_state.csv +++ b/_state.csv @@ -168726,7 +168726,7 @@ CVE-2021-22505,0,0,675e854cabcaeacf3b78a58593a856837df3f64f635c2f4dd4c947fa88d2f CVE-2021-22506,0,0,7377ec998ae060ed34b511d8dd7b1645447b5531a985bd6c0ecd5db299ab8c1d,2024-07-26T20:01:47.710000 CVE-2021-22507,0,0,49a8df4354221c1d979c5377b3f9b1248fa19b8c379d04eb8b6a4dc3660b49f5,2023-11-07T03:30:15.790000 CVE-2021-22508,0,0,67652588d6598b9dba62407096c17326f8c4c524d1709ce1b654eeddc41e3e93,2024-05-20T13:00:24.667000 -CVE-2021-22509,0,0,777915d5bf9c3d8b17915f4435269c585118b2eea06d476fc5d7084cb8adc323,2024-08-28T07:15:04.753000 +CVE-2021-22509,0,1,ad133852cb46349aa71f20aa683388c907a4b5433e4facfdc276ef8ad2143488,2024-08-28T12:57:27.610000 CVE-2021-2251,0,0,4286961cf0137de4568c5f4c5b69bb31850c9f2bab612da4f72c39c76dba0177,2021-04-29T12:58:39.193000 CVE-2021-22510,0,0,dcc596e7382beb136aa69c33e161a613333c65851d59175ffc16ad5915f58f7e,2023-11-07T03:30:16.050000 CVE-2021-22511,0,0,f41f49f6ec16503a60944cca593f738d35701c43b2681c82c497e647c5c624c7,2023-11-07T03:30:16.310000 @@ -168746,9 +168746,9 @@ CVE-2021-22525,0,0,296450ca1e1233adcf3143ac5bdea72d2264725eafb87a4c07a15b7b7e801 CVE-2021-22526,0,0,e31e530327ad3bebc011bfe3d7d9a24dcf8f77efdd622cf1af58a96cf7283010,2023-11-07T03:30:19.707000 CVE-2021-22527,0,0,bc0c2ffc8677e4ec8b64c8e43d2a38fc47ca1cbe2713f899b24a62400ab1a12f,2023-11-07T03:30:19.927000 CVE-2021-22528,0,0,5bf59e7d54e0ee9528364054296e2d9a2de193e1d8cb55d017d3177f24ebff26,2023-11-07T03:30:20.143000 -CVE-2021-22529,0,0,6cab5bf3beb2ca32fd45e3def359c700f5fb2b004a2dbf249003d6f5e00f20ac,2024-08-28T07:15:06.223000 +CVE-2021-22529,0,1,795293a14b7e4e5bc81ca423ce3843d8f39e704497a7846df7f14de3446c552b,2024-08-28T12:57:27.610000 CVE-2021-2253,0,0,9e2be9bb813a2e3899ee4a36c9db4012f6aae0eed717889a70a4a84f203004b0,2021-04-29T12:57:58.230000 -CVE-2021-22530,0,0,19208a11142c069b1909035d2300f806fde61fc2c56d5240845b0120b7887461,2024-08-28T07:15:06.750000 +CVE-2021-22530,0,1,296ff93efb349c5cc189cd25eb3faa01ca7bd606a4fb82f02dba4baa92e298c5,2024-08-28T12:57:17.117000 CVE-2021-22531,0,0,2ffef1a3095a1f67c14a48602d93f0c886d38c01b7653274771e69e8e9e12dcb,2023-11-07T03:30:20.380000 CVE-2021-22535,0,0,0cff80698ce8ede7035f297b2f9817048e9d9e9718e7dc9eb83b3305cbb47e07,2023-11-07T03:30:20.670000 CVE-2021-22538,0,0,447322567d97db99dd06b56b17c4818a654489f5f18b93925c9e7c6e4f0028d2,2021-04-06T14:11:52.257000 @@ -180318,9 +180318,9 @@ CVE-2021-38113,0,0,a1fa7ef31580e0e2fae651fffb9fa372b4cee32d23a47ce868d9acaf00240 CVE-2021-38114,0,0,f5bbfabbe38c5644e8cd21108a48b05b9d6c1f858bde8c7bb7493de97f4f5d70,2023-11-07T03:37:13.900000 CVE-2021-38115,0,0,0d4529d2dc20d029bb9ee8663c7b78d5bfa9be575f5879ed777d4526582a3d07,2024-04-07T01:17:53.337000 CVE-2021-3812,0,0,afacf08a6926dd761cd14ea7be38b0c773f7d4e31838aabc34b4a238033af577,2021-09-28T02:32:32.737000 -CVE-2021-38120,0,0,fb46e57911359ffb825e1bb21d7107a469d89260da3a3e002cea46b6ab749961,2024-08-28T07:15:07.303000 -CVE-2021-38121,0,0,c59c4e11408d0135367a0aaa83ef297b545c944426935c18f7dd4fda91a89fdc,2024-08-28T07:15:07.807000 -CVE-2021-38122,0,0,274816fd5ce390640f087d529ebf2c4cb9f45ca35436f76153ac7238c2201a0a,2024-08-28T07:15:08.300000 +CVE-2021-38120,0,1,9e0da8f92f314a0f46e25c5d5abc0657c16193f190ab93a39627ccfc2029a5ea,2024-08-28T12:57:17.117000 +CVE-2021-38121,0,1,bef884f6c9e4ad1a9dd809e12d060109f9a9d327fcedafe4cc8ff261ac74e581,2024-08-28T12:57:17.117000 +CVE-2021-38122,0,1,431d16ddfe291f564f2d686a99c4cb8528cfee693e29d31339284e0c684bbcd8,2024-08-28T12:57:17.117000 CVE-2021-38123,0,0,733f1d31597cbc536fab4d2ae9084a85932eb1447339cd96f79697cf7ce2cf3d,2023-11-07T03:37:14.523000 CVE-2021-38124,0,0,f2fcd4839f48ca621d12d11b2f6b8169a58cfe9389901fc30c449c923b2bbef3,2023-11-07T03:37:15.587000 CVE-2021-38125,0,0,cca5fea4853ef2eaacee614aaf6f07a8d197ea57c437239ce440cbbd8a6e3f17,2023-11-07T03:37:16.490000 @@ -188976,7 +188976,7 @@ CVE-2022-1602,0,0,8ded338e9d5e72ce279b3157a59cdcee44b380d37993413a9d6285d194afa6 CVE-2022-1603,0,0,bdce6f9fdccd3751aa1f7ee305e1f4fedbfb09012f6545dab89f07f1d3ce10c9,2022-07-01T13:40:30.767000 CVE-2022-1604,0,0,5f1f3daa1c680fc895dd173f1d568949466667813eb03c974e7ad079e2254937,2022-06-17T23:29:33.830000 CVE-2022-1605,0,0,f1e793a2504bb313a274ce8d06d798c63ee33259173dca3bf50a6dee24323834,2022-06-17T23:29:01.430000 -CVE-2022-1606,0,1,7dc8206c57eb45f46145c1338e7d7f88356b68aba0f756c1d68ebaabe8c72681,2024-08-28T11:15:12.463000 +CVE-2022-1606,0,0,7dc8206c57eb45f46145c1338e7d7f88356b68aba0f756c1d68ebaabe8c72681,2024-08-28T11:15:12.463000 CVE-2022-1607,0,0,a964a591335f26f3792d44ddd34610fd8213562307c5f7d20c60a293df75255b,2023-11-07T03:42:02.290000 CVE-2022-1608,0,0,25815574e96458df00f16ffc0c399c0e7d56126268f8aa800d8ca1a17eee1265,2022-06-17T23:28:50.873000 CVE-2022-1609,0,0,2bbd9e6e5b48c5567a7ee831e837cc6bd44f3e9027964872ef1ceef8bfd9020c,2024-01-22T19:59:05.563000 @@ -189271,7 +189271,7 @@ CVE-2022-1907,0,0,44fe9083d310a29e492288bc9791c6ed5907b3ecadddf22a33cb47be5feb24 CVE-2022-1908,0,0,1d6438ccdeec488d4548454970d4797cdb874a2f7cad87b7badff7db0ab17a42,2022-06-03T15:14:42.907000 CVE-2022-1909,0,0,2db92dfc63b22b6553dd58c99f9fd12fd8a74e4633783e62cf693c8c5da997fa,2022-06-03T15:14:02.230000 CVE-2022-1910,0,0,dd7ebeb9133a8a277cb49646cc4e8cca9096d58d8dbae19c544f06b88d37bd09,2022-07-15T16:57:33.277000 -CVE-2022-1911,0,1,c1b81b669c94d23a1d5938078c86d0ece0880e44ba2497b034eb351b8c640e43,2024-08-28T11:15:13.070000 +CVE-2022-1911,0,0,c1b81b669c94d23a1d5938078c86d0ece0880e44ba2497b034eb351b8c640e43,2024-08-28T11:15:13.070000 CVE-2022-1912,0,0,aa0f7ac1a296fe072f79a127036a3e24beb2d0219a5fca8007d663e0a345dd3c,2023-11-07T03:42:17.977000 CVE-2022-1913,0,0,1ab635063605bb49aed17c47fa5e9305a76df479d6fbb7fb16a95b3945f6a752,2022-07-06T17:55:29.200000 CVE-2022-1914,0,0,11bab3dd12a9e04d09663cd6fba39183a0cd98a5d244bc3a413ec5a9a81d8bd6,2022-07-06T17:15:12.727000 @@ -200448,7 +200448,7 @@ CVE-2022-32836,0,0,1b3bdcb1f9115fc06633220c11356400c089b731c737dc3932e1bec3cb418 CVE-2022-32837,0,0,8457489d00795cb2315957dcf469901640a85403b4e12c988e3cdb8ce3b32785,2022-10-01T02:32:09.153000 CVE-2022-32838,0,0,c7ad3cab23f7b0c3df82ed0a17c249cd6d6d16994543048a427ce142251c5380,2022-11-02T13:18:35.983000 CVE-2022-32839,0,0,ef6482b94c6de9c16468c5c67d7e9891f2b783d19818f94065d0ca42af416436,2022-11-02T13:18:35.983000 -CVE-2022-3284,0,1,c0b56f4806c97d4dc57dc8cad57c4c16bc91b6b8d15ce955c98df1f046114c29,2024-08-28T11:15:13.183000 +CVE-2022-3284,0,0,c0b56f4806c97d4dc57dc8cad57c4c16bc91b6b8d15ce955c98df1f046114c29,2024-08-28T11:15:13.183000 CVE-2022-32840,0,0,bcdfe5aebea82965d462b4f9cfd004c946a37b6c676b41c18ed70064aec9bf81,2022-08-29T15:49:37.450000 CVE-2022-32841,0,0,d5f2312119f1deac8995b1596badffecb335ae385d1d01237d9b6eed722359ed,2023-01-09T16:41:59.350000 CVE-2022-32842,0,0,97d9dea0e52d1ff56984a96d64644105ef558963f73dd7dda2f4c233118a7998,2022-11-02T13:18:35.983000 @@ -205864,7 +205864,7 @@ CVE-2022-39988,0,0,9f069419049172b539dd2423b25d3d05c1cc2c011ba2c6a9dcec6c5b14ff3 CVE-2022-39989,0,0,7ffdce84d8cd26b98c707b03c57c173dd5d7b41678d150601e81ecbc1bbf6f23,2023-05-04T19:49:24.510000 CVE-2022-3999,0,0,56326c6b077d7a3c7ca90954778c1f40832d60973c4c7842e4f24fc67bbe6eef,2023-11-07T03:52:05.753000 CVE-2022-39996,0,0,515d89341d75fc891c2495715479db343fbd6a795549afa8dc6e58128081b767,2024-08-27T21:35:01.140000 -CVE-2022-39997,0,0,1309ea0328785e03a7575bb8d3a68e06eea3a09084972b8522156f94cd4c6507,2024-08-27T19:15:15.953000 +CVE-2022-39997,0,1,cd7a61c846c22c80c0544292da520e989793b0b1614784062f16417855a4b438,2024-08-28T12:57:39.090000 CVE-2022-4000,0,0,293c79822977efd995079bd9f91c2bb859b092b412fd024b23d45cadf6837091,2023-11-07T03:56:39.273000 CVE-2022-40000,0,0,b2c90b4cd331ea48eb1c696df1cfed736f89b655e360d832a043e7696dd829cb,2022-12-19T16:23:40.887000 CVE-2022-40001,0,0,53944e40d3dc029fd806c75d13f9eb446512b7b5067631d8fcb6e9c0e4408b76,2022-12-19T16:23:53.913000 @@ -208014,7 +208014,7 @@ CVE-2022-4259,0,0,d561bbeb095236e3b2c8e81c20414aa706f716007272be247bf1a519181f9d CVE-2022-4260,0,0,b90ce53c36a38e25d99ee597c757a3f7a95196236f787f7bcaa892ed0670c3e6,2023-11-07T03:57:20.630000 CVE-2022-4261,0,0,39d846169b867e1ffb92b2a4dbac94e1a2967fd6504a493d1cd837cb6f860239,2023-11-07T03:57:20.847000 CVE-2022-4262,0,0,c97ed23ab1670f44c6341990d82ecefa292740a650dfddbda471c8971f302216,2022-12-05T14:18:59.793000 -CVE-2022-4264,0,1,3533e2b2ee08f44b2bba71326d9f47073e5311cc646f7cb50c83a51fcf18145b,2024-08-28T11:15:13.310000 +CVE-2022-4264,0,0,3533e2b2ee08f44b2bba71326d9f47073e5311cc646f7cb50c83a51fcf18145b,2024-08-28T11:15:13.310000 CVE-2022-4265,0,0,75bdb598bc06f833eee2e367a4baecb74e13628845a7f4784372a2fcefadea60,2023-11-07T03:57:21.097000 CVE-2022-4266,0,0,90e564688b308651e111e9452cec25cfd9fd943c40fe5ed70b48853631746c76,2023-11-07T03:57:21.347000 CVE-2022-4267,0,0,c05013b97d6ec4728723225220114605c8a37071d4d2aa7b0af94829c1dd77c7,2023-11-07T03:57:21.553000 @@ -208022,7 +208022,7 @@ CVE-2022-4268,0,0,2f908fcf5ea971e901014d9d12552b59e56415349a90e44d436b15b21ac918 CVE-2022-4269,0,0,1072d2087691a412b74ed92706004cd0407eacbe9b66b38d1dc97638e0c16ec4,2023-10-20T00:15:11.157000 CVE-2022-42698,0,0,8b98eb4e909484b8e2b6ac7c54a186e3d0fc77d85aedb6eadaf7210c8748d9bf,2022-11-21T19:32:49.060000 CVE-2022-42699,0,0,39d1894a1e24941a6e0a55a33e78af008ccb0fd2669ef9c1b815bdac94bfaf0e,2023-11-07T03:53:24.527000 -CVE-2022-4270,0,1,a890b41693daf62ddc58ce16cc33311051f101c6ff2c2c1f2f4dfdabb803c1b8,2024-08-28T11:15:13.420000 +CVE-2022-4270,0,0,a890b41693daf62ddc58ce16cc33311051f101c6ff2c2c1f2f4dfdabb803c1b8,2024-08-28T11:15:13.420000 CVE-2022-42703,0,0,19b6312481eea5d8672cc9f65d2c2a2817aeade403dc7b0625a29bdcd1dffd8a,2023-02-03T20:29:39.273000 CVE-2022-42704,0,0,c29a287b1e4c5a4a942c8a5e029030341499293c8a69aee76bf68cf1fcf6cdd4,2023-01-23T18:36:41.117000 CVE-2022-42705,0,0,bc67c3603eb61a276124a5fee1b928e26ae5bc3c11326df70ccb74461dca0a2b,2023-02-24T00:15:12.057000 @@ -212076,7 +212076,7 @@ CVE-2022-48571,0,0,8c7b1ac787ddf1d6a16f1e133112b367842b4fac62aa1cfd5a86680aa81cb CVE-2022-48577,0,0,cfbe75862327245c072ce5c172b7ef02b77ac4154d075f57893f5eb8d2edae40,2024-01-17T17:59:46.343000 CVE-2022-48578,0,0,a845c231353cdca07d74c49f3b6a11f7965a967f3271f1be7a7c23530bc6a615,2024-08-19T19:35:03.153000 CVE-2022-48579,0,0,c8c8cb08baf6eb8cbe4aba91c8a7c56372c2bbdfd971b2fbd59995e2aeebde3a,2023-08-17T19:15:09.937000 -CVE-2022-4858,0,1,28bcf2e100e04c3beffdfe68d2ea660919aacca3d20c3f94411841f9d47b94c2,2024-08-28T11:15:13.513000 +CVE-2022-4858,0,0,28bcf2e100e04c3beffdfe68d2ea660919aacca3d20c3f94411841f9d47b94c2,2024-08-28T11:15:13.513000 CVE-2022-48580,0,0,664a1c84f2e154c232999533b71cbc2bb99e38f547b934ddab2d305e4cbcfb89,2023-08-11T17:39:26.760000 CVE-2022-48581,0,0,b60ae1d1c013695bb6d30770f7c9a90ea9f3dc007b2a9286f14c688163e840f1,2023-08-11T16:57:33.020000 CVE-2022-48582,0,0,e9d216947b4be0545e084b93f6011326b7e6c149e070254cdf3c674ef09d4fb5,2023-08-11T18:18:31.970000 @@ -212106,7 +212106,7 @@ CVE-2022-48603,0,0,e6f68d4e0764ce0353823a70485bc7002649ef50ccb8c00b5ef76fa854f09 CVE-2022-48604,0,0,634f658b7452e991ed4fdc108b06913f6ab235fe0e2d071580f1f2109a521460,2023-11-07T03:56:38.937000 CVE-2022-48605,0,0,024dd65ae4befe18725960d33cc7952f3b6cc3380a76c4f079c7a2dac381472c,2023-09-26T18:53:26.107000 CVE-2022-48606,0,0,4156d8ca5e89069b0a1680dd109b253e9266f4259044a999a0fce0fbe240a464,2023-09-28T17:40:49.480000 -CVE-2022-4861,0,1,50ef976c8ca411073b61f7c89668754f19844eebfa42a7b5845557cf3b619bfd,2024-08-28T11:15:13.630000 +CVE-2022-4861,0,0,50ef976c8ca411073b61f7c89668754f19844eebfa42a7b5845557cf3b619bfd,2024-08-28T11:15:13.630000 CVE-2022-48611,0,0,c0bd39bbf90934df296e69098bb3841757834a52af49595766321b664e73384e,2024-04-29T12:42:03.667000 CVE-2022-48612,0,0,90433b802908856ea91038d15917b1acd6ca3fb83fbd4a5f1a6db4e6b7437b35,2023-10-19T16:22:05.877000 CVE-2022-48613,0,0,f0e5d35e28476588f4d2a4895d0480d0e008a24da906a3f34f8a68a6e4af030f,2023-11-14T20:05:24.217000 @@ -212115,7 +212115,7 @@ CVE-2022-48615,0,0,75bfc14f9a191ab8c781255b295d8ffd7a4c2678de5994a763d2ea2c9a94b CVE-2022-48616,0,0,afb900d120cd7b289f2194cbaf2576a6e84f1b1e2bbe110d7b98c720789806c4,2023-12-15T15:27:11.247000 CVE-2022-48618,0,0,a6eef9a5f4b698c3f9f4220d3055015e15fce5a5eb3c7a14f2b80748deaf545c,2024-08-14T15:22:47.173000 CVE-2022-48619,0,0,2928b772c1aeee7ee52ae396b86a77a24d733dd9768a530500eee761c2aaa44a,2024-01-19T15:27:59.073000 -CVE-2022-4862,0,1,2553413418f6ad24271b84c4b6265dbfaea53531b172d691e897d8db042ae05f,2024-08-28T11:15:13.723000 +CVE-2022-4862,0,0,2553413418f6ad24271b84c4b6265dbfaea53531b172d691e897d8db042ae05f,2024-08-28T11:15:13.723000 CVE-2022-48620,0,0,5698c281f8e8068516c8dfe700ee9a98bc0bfd9312d73b253920c8e72d6c9959,2024-03-23T03:15:08.797000 CVE-2022-48621,0,0,1cd5ad66125265477c8dc07522592260d4eec4c99a5ef37987104225c1fc205f,2024-02-20T19:50:53.960000 CVE-2022-48622,0,0,8603f3223b9efff6b371bdc90b7040dc59471154fa80a88ca2d72860d21139c6,2024-08-26T20:35:01.673000 @@ -219700,10 +219700,10 @@ CVE-2023-26318,0,0,d49830620df46f2dde3da449a5ab4d59351f38e41e437bccf559cb5c96c8a CVE-2023-26319,0,0,3dd6441fbb2cf89b0e957e6f3f556dd38ea034f50ae932ae756d43f14248f8cd,2023-10-16T19:02:59.867000 CVE-2023-2632,0,0,301898869b5a60457376f20e3b7ea036dcafa847ec705a351ca3cee971a25c85,2023-05-25T16:08:28.660000 CVE-2023-26320,0,0,ce18ada0dab81b6e3cbb23f236fe2120ff674b38177ae9eb5db23adbd1986f1c,2023-10-16T19:04:10.920000 -CVE-2023-26321,0,0,bbcf820d2408d614c8b3d21527d6f7de832ddc40068f3224f26123517c11c22f,2024-08-28T08:15:06.083000 -CVE-2023-26322,0,0,e7ea6aff4737e43d068d43a25c514293c7947ac2114297e2c3693bd24ffb0ef0,2024-08-28T08:15:06.263000 -CVE-2023-26323,0,0,da09ba2b9879964a140656bf67533a439b34511e513820ba32ba1817c7eafda7,2024-08-28T08:15:06.427000 -CVE-2023-26324,0,0,72f49e87691a5d3ee099477fd6f6aab48973c0187c5894d86b2bc8d8e0642bc1,2024-08-28T08:15:06.600000 +CVE-2023-26321,0,1,b75b605fdb8ac99bba7cd33bc5a27b0464761915d8e051cc7391f87c31191bc9,2024-08-28T12:57:17.117000 +CVE-2023-26322,0,1,c40687e83d74876910fb67eff7f943bef85560838a3fb0038e2b513dc8229d59,2024-08-28T12:57:17.117000 +CVE-2023-26323,0,1,484add0c04d4a78cede6c93a8c8952694f596119aecb48ac15eaa55dd3b75254,2024-08-28T12:57:17.117000 +CVE-2023-26324,0,1,b3796eff8bd943892bb45362a86e1a399396db5b76aa729e03c56cef912d6aa0,2024-08-28T12:57:17.117000 CVE-2023-26325,0,0,0815d0f5538437b0c1a37e2d30e66d4594a1f33bad8ba20cf36ef6d2f6c24077,2023-04-13T20:15:09.657000 CVE-2023-26326,0,0,7a94421fc97dc2e69220f52c8149f79ba5e3f607156d057693f823cb0ba1ecd2,2023-03-03T16:46:29.717000 CVE-2023-26327,0,0,1cc55ebadf8900607cbb779734840e485cf992ab645ea88d7f35d67b7049a018,2023-04-03T18:42:37.320000 @@ -232465,7 +232465,7 @@ CVE-2023-43072,0,0,219c44680bf759277ea4c69a6bf018846271d7e56f74b36a7fad93b31f540 CVE-2023-43073,0,0,e697c40808ab95fd13c420bd1b78ac70ad6637796f3acc71be4ec7f8b68cb76e,2023-10-06T17:55:26.480000 CVE-2023-43074,0,0,423707a42672f5259f9309c79a9cfc4fe6b155cc57a03b905f2e7fed655682fb,2023-10-28T03:29:38.597000 CVE-2023-43076,0,0,ae235c36f6c55b4555a6ebe6fbeb61abe2e5ed01d2903954b4d265b61046d0d8,2023-11-09T19:05:13.340000 -CVE-2023-43078,0,0,440905ff5993a5658b54a60c6d28d347857dbdf1e89408f25b0426e35daecf4d,2024-08-28T06:15:03.930000 +CVE-2023-43078,0,1,daf9621b58fd71b130b0c08bf454e60417405b8712014360841c03ecab22ad1d,2024-08-28T12:57:27.610000 CVE-2023-43079,0,0,045ae66c129d3b00c4efd0ea04f5ab8b9542c8092e4b729f681d90aeef4463ea,2023-10-20T20:01:50.240000 CVE-2023-4308,0,0,2e985217aefe9f54ecaa61ae64a06b347427536f2232a7aed87da4691ebf08e5,2023-11-07T04:22:26.690000 CVE-2023-43081,0,0,f8079c158546141cf0052ea6928190a507a7635d846c884a2289865895045133,2023-11-27T22:08:21.640000 @@ -234278,7 +234278,7 @@ CVE-2023-4589,0,0,5823a1bbdcd3fd3dad6a9d361ad6771c5169f34ce23ef9e39b305d1aaf66a9 CVE-2023-45892,0,0,31ea99a81b63e5dc5404654e4231556ec48f5c4f723835f37c58ea694f43c518,2024-01-08T19:31:03.043000 CVE-2023-45893,0,0,012ce31fe6e07df7e806e0f22cab292b188d57d4fcd77a1edd037ec55ea25c2a,2024-01-08T19:30:51.917000 CVE-2023-45894,0,0,acbbd0369c677d90271e9d43ae921ffda1b227f19a0c24cf767e01f00c88765f,2023-12-20T16:44:29.960000 -CVE-2023-45896,0,0,5120d4320fcff238bb667d4630420f341125c9428bf28faa9c409e59748c5e45,2024-08-28T05:15:13.657000 +CVE-2023-45896,0,1,b6f1871c5cde20100e5e34025c9d349c486d49aa1d3960ac236671572654f902,2024-08-28T12:57:27.610000 CVE-2023-45897,0,0,734daadcbcf83a77d0375bea2b59862190723c5d109c64b97c90f46f832ac6a4,2023-11-21T16:33:02.183000 CVE-2023-45898,0,0,f3261a8736c0c34cdaa65c9211bd18854b9e3c8fbb8c9c8e0fd98bdbf7fab3eb,2024-08-26T16:07:21.753000 CVE-2023-45899,0,0,8ea5b9ddd2874024b78e9d2dcda12439e81d1dbfe77d0f8413dab38e7cc66b6f,2023-11-08T16:54:12.307000 @@ -242488,7 +242488,7 @@ CVE-2024-1537,0,0,0fbbb428e5d6117794e506ac85f652d85cda102f4ab0cd6387f39041bf7253 CVE-2024-1538,0,0,9fc7289e31e07bb56b9eb9128e9d1b6ba097152ab59ee8378f006443d204bcca,2024-03-21T12:58:51.093000 CVE-2024-1540,0,0,8f40fefee3c1d81db1cb09d26a976b077353ff3be5e21ad7faf7c16fdb309e83,2024-04-16T12:15:09.617000 CVE-2024-1541,0,0,b86c8271de1114c26151c28b4a73ced0b46884833e2a03ab8cf945b436dc1143,2024-03-13T18:15:58.530000 -CVE-2024-1544,0,0,72c4561a2f6f9312b7f0081c7f9795f87578b8288b82adf21b60ce4ab66bb119,2024-08-27T19:15:16.547000 +CVE-2024-1544,0,1,265716934ae5f78af4714ddd5770ee1721802c8c59f6325c2998c6704d523a66,2024-08-28T12:57:39.090000 CVE-2024-1546,0,0,25cf53baa34bb0b4805c5fe628b82b62aabfaaa6638a62497af9e0de14b093ff,2024-03-04T09:15:37.650000 CVE-2024-1547,0,0,8590deab7ee2956de6a0ef76618a6a96ff52727cdbc8e57258f00f60bb5d5bd4,2024-03-04T09:15:37.740000 CVE-2024-1548,0,0,6eee3f01728ed0fd4a2424a0afe7c369619c5f5c30c8c9a39afa9061aca1df3f,2024-03-04T09:15:37.787000 @@ -256287,7 +256287,7 @@ CVE-2024-39571,0,0,5f5a00a374a36754f81b606fe5b7617af673280667e3ded939b747c7e23ff CVE-2024-39573,0,0,66fc7feceb0e35a8b2e536fb0fe145ff47c70fa679791c05a2dafe67c9ad9e6e,2024-07-12T14:15:16.400000 CVE-2024-39576,0,0,b954c37b27403600557da0d261dd953de929a61b04f025c8697cd0d77090d715,2024-08-22T12:48:02.790000 CVE-2024-3958,0,0,6a863b448c805f7bc2ecb55496071d989e4d5758f7f91c3bce9d94ca75a26261,2024-08-08T13:04:18.753000 -CVE-2024-39584,0,0,8f97db95ed53bf483dabe0e820d0e0a89fb14f2e16826832ee95065d16e3f24a,2024-08-28T06:15:05.607000 +CVE-2024-39584,0,1,1d0a6aff0073f4836d9654764326ceeb368acd09f92344e463ab3214871c70e5,2024-08-28T12:57:27.610000 CVE-2024-3959,0,0,1ce1302f5c536ae0ba1596a30e53c3274b88d91eb780326b1103788329e8cf86,2024-06-28T13:21:52.223000 CVE-2024-39591,0,0,6df5bfa73938e4812212735bad6342100faddf79ce461f960eaa31dba3eab077,2024-08-13T12:58:25.437000 CVE-2024-39592,0,0,092a544949de7319ae89291bc739a96163c6c0d37a46e6cc9f12df6e56b452d2,2024-07-09T18:19:14.047000 @@ -256411,7 +256411,7 @@ CVE-2024-39746,0,0,6375fbb4b5bb9c905c41c7f4d0b9ebb7e249deb4532114f1d7954e0a6335a CVE-2024-39751,0,0,ca850876f5c8fc4ecaaca63a8428279a2bd033ba704cbd228180dbe8f0c1635b,2024-08-06T16:30:24.547000 CVE-2024-39767,0,0,3e2d929a0dec960247b2d08752313be7fe5d03de12cbd71addbfff64b71f8489,2024-07-16T18:04:02.993000 CVE-2024-3977,0,0,e9ddc667440c6dcbe059212d85a4e046d10d5ad7b4b151b497bb4963c631de68,2024-08-01T13:56:47.833000 -CVE-2024-39771,0,0,b9279717c8e3d7954bec96b205b1303b94db6ba1ee3ba2e0b940dafd589e5915,2024-08-28T06:15:06.233000 +CVE-2024-39771,0,1,3ba9b721b5c229a6c3ffc099ca1090515a4191b0f891c631b67f12313c68d6a9,2024-08-28T12:57:27.610000 CVE-2024-39776,0,0,8b39df47cbc8ffd8596fdbf74b3d83a860b8891919acced573331707234996bf,2024-08-23T16:18:28.547000 CVE-2024-39777,0,0,4bc122687c91590f9c335b41e6e79e33e521fd532335f92edd7cb7db8b08fa07,2024-08-23T14:36:48.817000 CVE-2024-39778,0,0,bb2539eb59e56cbeaf6e7ed7999fae0d5792d390eb9e1100733cc6f4b019e4fc,2024-08-19T16:20:52.980000 @@ -257756,8 +257756,8 @@ CVE-2024-42357,0,0,7b039f202cf78cd0431d1a42b63791f2941347495cf765d1f5a63b9327175 CVE-2024-42358,0,0,3235df447217095f8cbf5213ea3a6f300e00850291878619ee95d2566fd638a9,2024-08-12T18:50:20.967000 CVE-2024-4236,0,0,e2cdfe0d631cec0094aabd9e613a58fc530f718522481021cb8970e2da56a2c3,2024-06-04T19:20:32.960000 CVE-2024-42360,0,0,c0e81a640f58f96b9fc0250139f55b49001f14d12c83fe8a549cad0d8c4e02a6,2024-08-16T20:00:10.467000 -CVE-2024-42361,0,0,884f2c06f56bff6287abe18a482599837d66085323fee1dd0c3a379fc5fd3e8e,2024-08-21T12:30:33.697000 -CVE-2024-42362,0,0,79ea49e8ddc86b510bbf0d755facab7d034abe94003efc142a42ca4b2283474e,2024-08-21T12:30:33.697000 +CVE-2024-42361,0,1,791f81f0cac385a4379efb7a1aa4fdc62e8bbffd5bcdde4e145909424d9e224e,2024-08-28T13:49:50.457000 +CVE-2024-42362,0,1,25fca8ac5e8ac7bce381e03b27abd95b45c4c358dff550b984cd00a130f5a66b,2024-08-28T13:49:47.967000 CVE-2024-42363,0,0,845d80b3d90627c09cd2ebcd1015d3397a70bb5dfd2fb99126f84654bc7633e2,2024-08-21T12:30:33.697000 CVE-2024-42364,0,0,4c3af5024e60bada8ffc9756b86fe112164c9d8aeb4b4858c936071d813f7c5c,2024-08-23T16:18:28.547000 CVE-2024-42365,0,0,cd9316acef63aa01c9388716e86faa1c498776bc0209be92960fb577e4f0b965,2024-08-08T18:55:19.180000 @@ -258612,7 +258612,7 @@ CVE-2024-4494,0,0,48359226f338c9b2ea2806c2c68d5e2ef65a24ac708162309f084eae0ceb81 CVE-2024-44940,0,0,f3c78670c961ed218069273846baa8ab159598a99ca4d39386baf88d3ac01c7d,2024-08-26T12:47:20.187000 CVE-2024-44941,0,0,15a1c7001949731e4df03f4a864ae7a9e64adc22c4c644da2de0836d77651385,2024-08-26T12:47:20.187000 CVE-2024-44942,0,0,17b37362bd3ba24b1a5ce481b72105519e3d684fbcb26bdd0327529225c432f3,2024-08-27T16:09:10.010000 -CVE-2024-44943,0,0,76194d74463ecb40065aff07a3a3d0f213dd09bf47e9155b8334640da2e5d5d8,2024-08-28T08:15:06.963000 +CVE-2024-44943,0,1,5bf597bf2fa044f6eb0ba2afa66eeb4ae405658ddc3b2a597c7fedca3c5f2035,2024-08-28T12:57:17.117000 CVE-2024-4495,0,0,cb1d8bc801c43f7ab8180176a646c9e39a56603c1305eac804522af3adac0fa8,2024-05-17T02:40:25.167000 CVE-2024-4496,0,0,6e858d3d5b48b877aff577f900a80fd10c799bd74cdf4188d346fa0d13641a80,2024-06-04T19:20:39.340000 CVE-2024-4497,0,0,6a1d6365c146727895628930cc6e441179a183396cbc0224f0d3e640240772d3,2024-06-04T19:20:39.437000 @@ -258623,10 +258623,10 @@ CVE-2024-4501,0,0,3baebe0a469dd4bf55eae5f370777b6e334d89a3883f98b03d03b220535343 CVE-2024-4502,0,0,f1f89a01c722d6ef2e85e855b85895e43fc279ff3a13e0257efd22aaa2b4c544,2024-06-04T19:20:39.747000 CVE-2024-4503,0,0,580a13ae85da881d7284f0e9b163135d237ab58a854d76134955e6cc28d662e6,2024-06-04T19:20:39.843000 CVE-2024-45036,0,0,b93ba1b942c2a90c7150ffd72c683d09bcb868f6dc285088962d5acc53d2e2e4,2024-08-27T13:01:37.913000 -CVE-2024-45037,0,0,dc3abcd06f6ee675ef0a41b95ee2573ea870bc5ec84bd2ec59385a0aaaed8788,2024-08-27T19:15:17.583000 -CVE-2024-45038,0,0,f39cb91eef4bcaf71b0eb0f31f12a4674c9c20538a66ae3f81da1e677545ba93,2024-08-27T21:15:07.380000 +CVE-2024-45037,0,1,0a75dee24a9a0746d4b594073f73eebe38a0d6b0ee92331f507c53bf54c314fe,2024-08-28T12:57:39.090000 +CVE-2024-45038,0,1,9bc86932f350806c3a4bfe09c65e8bf9ee10a426832d16050cb88cd3f58d1bd8,2024-08-28T12:57:39.090000 CVE-2024-4504,0,0,db7504bed7bbf326ed6569d421c20101dbf56fa9ab20eccbe7468f7c026f345b,2024-06-04T19:20:39.947000 -CVE-2024-45049,0,0,2be7fdc3f238e6f54b520ba876892e7b549fb5d302a940ca1a84d47d1fed9c93,2024-08-27T21:15:07.603000 +CVE-2024-45049,0,1,2db7654aac013903b19c74b15111e80acc65bf9e641d52dffa75f446b2d1ef2f,2024-08-28T12:57:39.090000 CVE-2024-4505,0,0,4ef7357f00ff85be3b87c4353ae099f1aed84eaee3f1c1bda33ed5ec6e115293,2024-06-04T19:20:40.050000 CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a3f,2024-06-04T19:20:40.150000 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000 @@ -258685,7 +258685,7 @@ CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc2559350 CVE-2024-45321,0,0,37b6c3801843cd19376dfc008024087eb46b0d9a726e5ad21af320498cf91f40,2024-08-27T14:35:13.357000 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000 CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3e9,2024-08-09T19:35:09.923000 -CVE-2024-45346,0,0,56aaadfa262ffbfea14501e1854a6388a7d745d93b7bda37edbcc7c734cc975d,2024-08-28T08:15:07.033000 +CVE-2024-45346,0,1,d96ae0e99a52b4f2d8312b9452d5cf0ddeac889f7ef355700b624cdd0cd1a7c8,2024-08-28T12:57:17.117000 CVE-2024-4535,0,0,87b4b5e0787ea182ddd9c6fa8e26c59b6c616e4e57e592ee0d6f169678ff9b64,2024-05-28T12:39:28.377000 CVE-2024-4536,0,0,7a5702ddadcf7f48c7c82ca09978f30e343a6d4f259e12cc6fa88068d1723500,2024-05-07T13:39:32.710000 CVE-2024-4537,0,0,2e530ca2c49a8373646367a8e0c1771a783669d0151f9600cf6b8a99b12e73b9,2024-05-07T13:39:32.710000 @@ -258704,9 +258704,9 @@ CVE-2024-4549,0,0,e09f9cdaebb6118867e13a9d3ab643eb98c9f9e356cd137ad04d5c4afde157 CVE-2024-4551,0,0,5eadeaa2a7f21f0b3297f45277617c137a52e984170b931f9145e745d378c040,2024-06-17T12:42:04.623000 CVE-2024-4552,0,0,a910e848f992d4848b5a9057809234cfe8833a167abb01396097dc34db4ca3d3,2024-06-04T16:57:41.053000 CVE-2024-4553,0,0,a1e8f5bd1acd4a97b93bbbe85c146f94099965137fad1ebd49acd106c4b8e00a,2024-05-21T12:37:59.687000 -CVE-2024-4554,0,0,a456aa83770f277b1f62639d7447bd934e4f6dfb0c2914902209d3300336f42b,2024-08-28T07:15:09.330000 -CVE-2024-4555,0,0,e6dbe2379b6d277d6fbf731472b085d23c4b108518dc4257d0755369af3039f3,2024-08-28T07:15:09.830000 -CVE-2024-4556,0,0,ee9b6ec6271de2b8c648e6daa441e734f3c9fc2ef7e871468996350b71b1d33c,2024-08-28T07:15:10.320000 +CVE-2024-4554,0,1,85c234588dffa6aadefbdd2ba8b5ecdec9422dc38ba14c37503abe443a7c918c,2024-08-28T12:57:17.117000 +CVE-2024-4555,0,1,2d6c47296afeedb2c6a7f60677f2d88681b96e578cfefc1913928dc16b7bb873,2024-08-28T12:57:17.117000 +CVE-2024-4556,0,1,7d09fa247082252ffb6b7dda6aa600cf3ff3bf7dd0d9af7b07da29fff8c7a6fb,2024-08-28T12:57:17.117000 CVE-2024-4557,0,0,66c84ceab02c8adff7c7e309e3c388a17800860cf81ce53b59e1c60dda9ffb15,2024-06-28T13:19:24.767000 CVE-2024-4558,0,0,f33120bad100499bf0c3c5e20b119cff8d6ade1c8324fe8cac904ff1ff2e147b,2024-07-30T02:15:08.293000 CVE-2024-4559,0,0,bf46d9d7302afe42ee4323175537eeb1eb701f6d945f2b96b5e6acc4bfa04589,2024-07-03T02:07:46.003000 @@ -259352,7 +259352,7 @@ CVE-2024-5284,0,0,a632d154686ad4201398091156d5b5851cc181b1b36b426c7e50520edad6a7 CVE-2024-5285,0,0,f5fe057b3eff57d7472395b5cf3577db89e74c15c7e806cbb99af18bbf9a648f,2024-08-01T13:59:44.103000 CVE-2024-5286,0,0,e962fadcb8b0d0d0a4155e18c685e9afa8633703c8403a48cdc3bee697298672,2024-08-01T13:59:44.950000 CVE-2024-5287,0,0,13c5ee44df7955897b1f2b3c68a920faa26439fbe1c9c489df67cb947fa427e4,2024-08-01T13:59:45.123000 -CVE-2024-5288,0,0,5de79d67173393cc3de65b536f846b2e40744ad08ee3650bed840ff02b1b527f,2024-08-27T19:15:17.797000 +CVE-2024-5288,0,1,099c1d3c2643003d52a5f473484a6d38731263e3329a5baa027f91acf149389c,2024-08-28T12:57:39.090000 CVE-2024-5289,0,0,a02da373ddf627c39a88f09ba37230dcf191b29c84a32613f97fcb834cd9c524,2024-06-28T13:13:36.980000 CVE-2024-5290,0,0,adacdfd631af0a2d0e8f586387cac872823eb4764e0466b1013d4b9bdcf14abe,2024-08-07T15:17:46.717000 CVE-2024-5291,0,0,a73212295ca40d57df3fe276c935be7cf4995dc49a26ea7361780508749e211f,2024-05-24T01:15:30.977000 @@ -259578,7 +259578,7 @@ CVE-2024-5542,0,0,d325d927a52d1f509b1ce6e9ffc5100192b188f6993c81c75fa5f58cb6e793 CVE-2024-5543,0,0,f598ca7421d38a6202e8d2e9492da6088279af1ca9b6bc3d3d06b2da06113bc4,2024-06-13T18:36:09.013000 CVE-2024-5544,0,0,dc180b504fcb3a2003d6a08111fbd0a7a95f9d21df8e253c1af1716f464343f6,2024-07-05T14:46:56.023000 CVE-2024-5545,0,0,9270f54f7803e859f3c51cd9a03c613d31e2403f79820ead3f02bc3b56a4bf36,2024-07-05T15:12:08.467000 -CVE-2024-5546,0,0,272de38e2e150b0cc292f505e8495f01034447f147d65cc817eb8993ad48b2d5,2024-08-28T09:15:11.103000 +CVE-2024-5546,0,1,c554c215c09d3ca801258c193d3de8fa07df6de63bebe1115c8b7786267f050e,2024-08-28T12:57:17.117000 CVE-2024-5547,0,0,30803f020db51b7398a94ab478cc6cb1ea70aecfbbe13ac1b895b9f9fa592338,2024-07-12T08:15:11.230000 CVE-2024-5548,0,0,6a07d64078300a9d20971a8757a67f3f4682659414ef6d1de11cb6b5c54c02e2,2024-07-12T08:15:11.313000 CVE-2024-5549,0,0,2db2267d047672e6871a7836da6ae7aa97f316bb2880c93f204c63f2960062f6,2024-07-12T08:15:11.390000 @@ -259791,7 +259791,7 @@ CVE-2024-5810,0,0,246ea4a74a1b10a6c799aa82916b249e6dd3093a23af41d24ba222ed5e8773 CVE-2024-5811,0,0,da48fd72e5de418e87b54290fe68d41aecce53c1cabdd1300feebd9e1c56b865,2024-08-01T14:00:00.527000 CVE-2024-5812,0,0,05caee51ca8afdeadb9e9ce4e5c443d53c88017db3fdf90c8036b6c5139928b3,2024-06-13T18:36:45.417000 CVE-2024-5813,0,0,2236ff95e00a2589bc00dc67452394d14ab32423646c535c5a19397b653232d2,2024-06-13T18:36:45.417000 -CVE-2024-5814,0,0,50935ad47c2cda5da17310c47d0b5ed09d7fc5e3f0b855487cd14ffe04185dfd,2024-08-27T20:35:37.640000 +CVE-2024-5814,0,1,b53bcc6c4d3dbc5ee42338ab7ba4d2ddb0869c38491163ed26c8c53f4205a07d,2024-08-28T12:57:39.090000 CVE-2024-5815,0,0,9c0e5d25f32c2dbefca23815fc2b16e88ce81dd54b9a22e21c721a2b2a9cb1cc,2024-07-17T13:34:20.520000 CVE-2024-5816,0,0,3d67952ce4a1b2b1ece947260f0beee9de9f9da521a3f15a0343c5e1d47b81ea,2024-07-17T13:34:20.520000 CVE-2024-5817,0,0,e05abd62bd06ccb376baea6b1d5f924e4e6fb0941dae50b59d4aa5f4c769fe7a,2024-07-17T13:34:20.520000 @@ -259926,7 +259926,7 @@ CVE-2024-5985,0,0,4b7f0c13c1d049ea5b2816f8e8132ec8aee9a2fb74d5d00bf96c05e553a08b CVE-2024-5988,0,0,6a93e103554a4b2cea7532bb149420b2c5e22d63c1fab23818b5950d94f50a5e,2024-06-25T18:50:42.040000 CVE-2024-5989,0,0,5b8da9d53fdfd0fd3971e8489f4ae4ce0e952b56f28f99337bb24ad669904afb,2024-06-25T18:50:42.040000 CVE-2024-5990,0,0,815ffdec6ed9055e0c29635260b790d8ae8601700cacf3380cde4c3f20ff7240,2024-06-25T18:50:42.040000 -CVE-2024-5991,0,0,5f21d4fac46762b4d89f6869fc7d9b7fdb82ba7ff968eb711f41a5033f557fc7,2024-08-27T19:15:18.080000 +CVE-2024-5991,0,1,e082a26a3412cd6203ddcff1c59506086c1e6d36fa06530b6a36731be74810dd,2024-08-28T12:57:39.090000 CVE-2024-5992,0,0,71d2329832d35306ba58326f8edc972973ae3f2f48367fcc1028f4ed5d9fb912,2024-07-09T18:19:14.047000 CVE-2024-5993,0,0,b45a0ae570b278a2a66647d60174ec8036c753d27cba9d6e9660698bbc3fa2d6,2024-07-09T18:19:14.047000 CVE-2024-5994,0,0,c1974f8e417911883c192155213f25e6e809cb75c20fd828172f5e744b8258d3,2024-06-17T12:42:04.623000 @@ -260186,8 +260186,8 @@ CVE-2024-6307,0,0,a6037df0fa8617c9aaeffdc703000fa7423e885d439338f30eb38eb0279e87 CVE-2024-6308,0,0,12cda7fc9db6b7d83d3e1c89cfc2efc823dbf7a87e765e6ea66a01700b6fc7c7,2024-08-23T16:44:39.510000 CVE-2024-6309,0,0,81d9ed106c3d88c28590c6ed22c5b32147121a952907a1333c0b11de5b47c5b3,2024-07-09T18:19:14.047000 CVE-2024-6310,0,0,c979f814f3e48b96dc9635b552e8c56621ee7c90068be27a9e484f3e9730aa89,2024-07-09T18:19:14.047000 -CVE-2024-6311,0,0,0067df69d254449f382b61817ebd77abbfc04f0e536c00de163a29295a3f8707,2024-08-28T07:15:10.800000 -CVE-2024-6312,0,0,1aee5ca145183f23da3395a672d1354aff55ab25ea9e4f756bc7e0368ae6e03c,2024-08-28T07:15:11.413000 +CVE-2024-6311,0,1,43ed4cd2e3b736026c6c6822a2a9a27bcf942d5fa1856d8c3b333f30284585f6,2024-08-28T12:57:17.117000 +CVE-2024-6312,0,1,8eb85e71d9552d97c872fee9592ac73576ff7ceccb8ebd8b5bc64dc9b965a6f5,2024-08-28T12:57:17.117000 CVE-2024-6313,0,0,3f3a1eb3f6568b25e7e4a0a5a221dc14475a69801be2f42305fb08dd6e12247b,2024-07-09T18:19:14.047000 CVE-2024-6314,0,0,d18fb3c15bbc48d64598d0e894895cc32debae6dd1aff2381c9e4370989d88ec,2024-07-09T18:19:14.047000 CVE-2024-6315,0,0,fab08e85f8b8e3173e728e58aba1b4c74bfe4a8ce767294e3e8e784d2124e746,2024-08-06T16:30:24.547000 @@ -260290,7 +260290,9 @@ CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a0 CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000 CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c2118,2024-07-02T17:44:45.700000 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 -CVE-2024-6448,0,0,ab80189f89a1d6fd27932b4b105aa1c2dc711489862970e9723405c05b0a5264,2024-08-28T04:15:11.320000 +CVE-2024-6448,0,1,29c9fba3b86c8e9eb615a2e1f73377ed9eea71e4eb21902a2662b1cd45074970,2024-08-28T12:57:27.610000 +CVE-2024-6449,1,1,409c0fcb928b48e75dd8739da433d4c82c6f5bbdd29a3410dc0ebd549313b1b9,2024-08-28T12:57:17.117000 +CVE-2024-6450,1,1,74d914f08533b12f639ab7397a863aecf56083c839bd046ce7cc7975a6952184,2024-08-28T12:57:17.117000 CVE-2024-6451,0,0,6a9c0fb65fad3a5f99e557f5250ddd026fdc81cb51b281650e16075ca1a8cd9e,2024-08-19T17:35:23.417000 CVE-2024-6452,0,0,c694c1bdf54902e69172121aae2a54d0747cfc16750499c01d3cf3c9c6ef3263,2024-07-03T12:53:24.977000 CVE-2024-6453,0,0,997e33861988fe67139dbc94cb45099acca0539b377b12d39324c5c718a66e9d,2024-08-21T14:37:10.103000 @@ -260813,7 +260815,7 @@ CVE-2024-7264,0,0,12a75b53a7f63996bb7b4af3d1a6b7462e167bb63f5a12a5607f29e5ee6358 CVE-2024-7265,0,0,7744849ec550e14a15ade5689dd13e89a671dd2d7872009d179abef8fe868c92,2024-08-23T15:09:29.843000 CVE-2024-7266,0,0,6254ba9d278e387df53e686fa5a3601176a5b5e90ff24b9b7119a368e812b840,2024-08-23T15:09:51.707000 CVE-2024-7267,0,0,d99f3d8b6ba6fe3542d0e70da6abdfbfdfd1dfb75ac1c1edca9979fafd8e77bc,2024-08-23T15:12:23.453000 -CVE-2024-7269,1,1,a77519fd0374b46612c6d101347df516048b299e90fb25546ab1390d15bf6cc8,2024-08-28T11:15:13.850000 +CVE-2024-7269,0,1,b640c119e271cb4b5a6a6cb7e4e0dcae34dab1b0d62b4ab4f61f7960472ac573,2024-08-28T12:57:17.117000 CVE-2024-7272,0,0,a75598507b088cf5d38e53c97b1d09abbaa1cacf367aa16e740665d3e61a447d,2024-08-13T15:16:23.837000 CVE-2024-7273,0,0,a61ca64a6342f77fae831271fd2a6739b41d99aa7d580eadbf400f237355e05e,2024-08-13T16:10:45.057000 CVE-2024-7274,0,0,42267a3d3600167277031a12316bb396bcb62aa3302bf81726cca9e052e280df,2024-08-13T16:10:42.520000 @@ -260938,6 +260940,7 @@ CVE-2024-7443,0,0,6fd967d6e919ba4fd37dfeb9ebba86f65e44a71c337f483ada629ef6535926 CVE-2024-7444,0,0,ca3d64055e225d6b5e8eee0e0444f0cb79935fb72609b2a9f4d68e4b74c3192c,2024-08-20T19:56:15.850000 CVE-2024-7445,0,0,cfdc75d4fec77cd886589c658aa3dd464f31452c81f68546e40e8c22e50a8eed,2024-08-09T15:36:06.757000 CVE-2024-7446,0,0,e26be21c8dbcfe67dfe123a70d3d827309d2b8d2fde731242ee6ec383c477df8,2024-08-09T15:36:35.453000 +CVE-2024-7447,1,1,6dddf53dfbb8f62511abb82e7501d546503c2e4fba6b3dca7313136123481b92,2024-08-28T12:57:17.117000 CVE-2024-7448,0,0,45c3f7d454a0be35da8c66f5dc9a08909cac5ebb23ff5c9ca2703711c198acbe,2024-08-23T16:54:45.410000 CVE-2024-7449,0,0,31b14531757b0311680dadfa626760cb5034a4ff48ce18c613a332462c638a89,2024-08-20T19:49:11.947000 CVE-2024-7450,0,0,f36a88ecb7cf7b37b6090837acfb29fe52cc382469b7cf045e11a727c85c93f7,2024-08-09T15:33:58.153000 @@ -261027,7 +261030,7 @@ CVE-2024-7567,0,0,8d84928fabcffd92f0ffc65ee27fdbbaa4428b293e351afb4071fd1cdbd8df CVE-2024-7568,0,0,d240e1c33af9e03c75feb4937b0ddf33906a854d9c30167cff3fa79482350e46,2024-08-26T12:47:20.187000 CVE-2024-7569,0,0,07c556a0d4f236c73af8fac785c7f2963a3da01e4fc90b977a8fbdbb98959074,2024-08-14T02:07:05.410000 CVE-2024-7570,0,0,5fffab459f0b197c9cc8f01b0f615f787054152c65ebadc4d4a680afc4fd51fa,2024-08-14T02:07:05.410000 -CVE-2024-7573,0,0,4edfde06b0634739083f1674936b312b790c04557e93c50bad49775f6fbe4b07,2024-08-28T03:15:03.803000 +CVE-2024-7573,0,1,7b157c1bc586485011758f6317cb8548eaad83544501bf2e76c604287d08292a,2024-08-28T12:57:27.610000 CVE-2024-7574,0,0,20d9970481b83bc1831e248b5fd88e17f245f697fcf3310f9ca87d287eec943e,2024-08-12T13:41:36.517000 CVE-2024-7578,0,0,6775b71bfb147f33ac75e26864dff0d49501fe87846b04dfe823255ec77604d5,2024-08-07T15:17:46.717000 CVE-2024-7579,0,0,889817c5384ba36003787d6aa90c4889164dbbf7f4fbfe5c6f0287e20d3cf6ed,2024-08-07T15:17:46.717000 @@ -261047,7 +261050,7 @@ CVE-2024-7601,0,0,db9958425836572eda0b52c7e651aff0e41e4dc47ec55ea348bc5752e1b198 CVE-2024-7602,0,0,1295ede0549ca488da522cbefe2db5abad88498e69c53af1f38f0ee81eb69b62,2024-08-23T16:36:11.690000 CVE-2024-7603,0,0,026c301c8508bb2890d37936199245036e5a5160d5195c848eb9252477eef559,2024-08-23T16:36:28.327000 CVE-2024-7604,0,0,2ca377c2d37b9340c6f7d1612379ed11f338df19f0e6ffae40ca1da8c016df51,2024-08-23T16:37:09.107000 -CVE-2024-7608,0,0,24e65f76667167bfc90e0c8a9580fcd6b3bf8aeedafdcb3afacbe4c79bf429fd,2024-08-28T09:15:11.340000 +CVE-2024-7608,0,1,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000 CVE-2024-7610,0,0,a10689bea1d0fbdec4f1b8819e74182773158d5010cb9fbea2ce46532922c645,2024-08-08T13:04:18.753000 CVE-2024-7613,0,0,595ae1d3f56b81eeb34ef1e184ddf7962f3a8fbfc042ff77a8fcf0bd3f10f263,2024-08-21T18:47:11.523000 CVE-2024-7614,0,0,70ea68e630891f9909a0a8afd3fe5566dad840edc8df033b5c308064cf074a69,2024-08-21T18:48:47.273000 @@ -261268,7 +261271,7 @@ CVE-2024-8007,0,0,52ca9c0e82e8a1b579386af92379a7290d3dc66a84196be21e42591213ed68 CVE-2024-8011,0,0,b9eccdb873cdee0aa4aaf727a8d55e87a8f1a6dcd35fe88e6cae24de39ee4994,2024-08-26T12:47:20.187000 CVE-2024-8022,0,0,469d074c70ed4d6e1b7ca7023005d3bb3e3f23419b5a39b3540fd69e34fadcaa,2024-08-21T12:30:33.697000 CVE-2024-8023,0,0,7f1c10536d9d4e1a728f09b10c1ff35f77d0bba503a7c61c411fbfd5f6584d46,2024-08-21T12:30:33.697000 -CVE-2024-8030,0,0,00ce7c9221bbac0883b6d46c5dc8aba46eda56f29140def501e8da2ff55616a3,2024-08-28T03:15:04.040000 +CVE-2024-8030,0,1,b6f55198da4c8a890918e236b9cb91502d6b60f60aed340690526a7aff836eb3,2024-08-28T12:57:27.610000 CVE-2024-8033,0,0,bc1d961345030012faa7942ae80f05081f947cf441680ad49c3fcb3512e2fcdc,2024-08-27T19:39:04.953000 CVE-2024-8034,0,0,990fb53670bf6f787a3d54c0392722fc0a67a939e8056c22142bc6f2bee92a38,2024-08-22T17:35:30.003000 CVE-2024-8035,0,0,e11fe8c378f080395f404658baee2e1c5cd70ef826bdf0b13fe46f85c653ad4a,2024-08-22T17:33:37.407000 @@ -261344,24 +261347,24 @@ CVE-2024-8200,0,0,d43bb5c61e83498550affa212dfef3001c48e0b48cb46337b88a2d4649830c CVE-2024-8207,0,0,498323e8227fa40c3fd29b85835950264192b60730f689cfc748d515dfd6f7ad,2024-08-27T13:01:37.913000 CVE-2024-8208,0,0,c0546cf56f335de149e039eaf41ddcfe92498da6cf6c84b8fa1c52ddaf26fb1f,2024-08-27T18:33:14.247000 CVE-2024-8209,0,0,55f7ec189eb87638165e40939313326ea0521e4ed80e56afdb88c580a7b1c999,2024-08-27T18:33:14.247000 -CVE-2024-8210,0,0,d8858e0da615a99ba4a7987d4afe11db96b004b714d3b7c008b8096e30056f73,2024-08-27T19:15:18.250000 -CVE-2024-8211,0,0,dd10850c7586b7f2b5b17b7368d910a3fefc07e7abe62303615c718ed57e06ca,2024-08-27T19:15:18.553000 -CVE-2024-8212,0,0,9359cac8d24cacbaaff53aac7a6931dd1290b1cb06c307e44d6477943b885018,2024-08-27T20:15:09.110000 -CVE-2024-8213,0,0,554ef8a07c21000a3c28fa3137dc451e497a37772f5285c24f9db0444ba594f4,2024-08-27T20:15:09.423000 -CVE-2024-8214,0,0,4dcb7a15d1cc670379c05fdff2368f173d7ee90b98293405187577c84be9eab8,2024-08-27T20:15:09.703000 -CVE-2024-8216,0,0,ea0a96f241a82a6bacd9dc0a45665c2b7cf613b02d047fabb667e4dac6f4047d,2024-08-27T21:15:07.830000 -CVE-2024-8217,0,0,83dbfc4fd39640675ea565d305d5258f4dc6ee330612479a4471b08e5f24e751,2024-08-27T21:15:08.093000 -CVE-2024-8218,0,0,275286facfab355dcab0ffc6ade0f42bc2448af93fe871d1f2d5b5f4323a3a55,2024-08-27T21:15:08.350000 -CVE-2024-8219,0,0,f8ee496087bbe42bb625176d48dec98fe3e35ae622a0495aa6294d22ad10f956,2024-08-27T22:15:05.340000 -CVE-2024-8220,0,0,46dfae50e6d4bb08b354ff635eaed92e5e796757e31385ca85fda28818597d8d,2024-08-27T22:15:05.630000 -CVE-2024-8221,0,0,0a7d8161c0d4de2f776fc856b85a320cd0c3f55d8cf461808a145d7852c90043,2024-08-27T22:15:05.877000 -CVE-2024-8222,0,0,44c5b2cbec3822d2efcf28c5048900bb2633b04acc07eb5f974f81f8787fd8a8,2024-08-27T23:15:03.360000 -CVE-2024-8223,0,0,318a18f1fc7a248ee76fa735a5f5699330afe72edfaed1652605f6eb432340c6,2024-08-27T23:15:03.650000 -CVE-2024-8224,0,0,eb7cb01b938be3eaac784d7e44c25b862e816031a4c497d52444444152036dd6,2024-08-27T23:15:03.920000 -CVE-2024-8225,0,0,ca0de8328fcbb42cd7e0ff1df0545bdf503ea6a3a0f00b3aceb9d787ed4f5703,2024-08-27T23:15:04.207000 -CVE-2024-8226,0,0,cbf3e6b4ecb22d791af519216cb74fcbbc4675f6578fc71e665cf18ff769fb0e,2024-08-28T00:15:04.287000 -CVE-2024-8227,0,0,a036a7f97a355b868f01141cc25f285783295937f6676075846a401b1d9db578,2024-08-28T00:15:04.550000 -CVE-2024-8228,0,0,5719f117108fdb054512e608abc92c258925393788847819dabc02b4916c814c,2024-08-28T00:15:04.807000 -CVE-2024-8229,0,0,28ccc44a317b55190aff96c74708939b911208b845cddaf380e938baf9975c94,2024-08-28T01:15:03.353000 -CVE-2024-8230,0,0,03136ea8b2fa697ab09a986a8a488853f579389bbcc62375546cca953b719802,2024-08-28T02:15:03.850000 -CVE-2024-8231,0,0,7c8bbf401d9aa7b68100511198a1f39b35671adfe785c423facd19368e5a4fbc,2024-08-28T02:15:04.160000 +CVE-2024-8210,0,1,0f20faea29960531878b9d44b5de81c4bb8a136a66158d050d0fa865804f0894,2024-08-28T12:57:39.090000 +CVE-2024-8211,0,1,fbbbd446184367b256f503f7804d41b1c530b86aa2566de0bfd744ef8511b597,2024-08-28T12:57:39.090000 +CVE-2024-8212,0,1,0495e818b2a8ffb3c8d9bfdc3c2659f50e7f2df7f2d438a46de57d9fb0868aa0,2024-08-28T12:57:39.090000 +CVE-2024-8213,0,1,124c271d4a9bfa266640967701eae7005c193e0bf7c26fe10ed980e82caf7396,2024-08-28T12:57:39.090000 +CVE-2024-8214,0,1,0e71514d1196df73659483cfece536cdc9a857169c79a9d67bb3c00b7612c9ef,2024-08-28T12:57:39.090000 +CVE-2024-8216,0,1,cb8d40f1436fd080c23eac460f15b674ed31f0ca2443501d4312cfd722c5239b,2024-08-28T12:57:39.090000 +CVE-2024-8217,0,1,4988ac117fe94e84368bc0e3a617d8f1f584c5cedecf248951a42378cfe7419c,2024-08-28T12:57:39.090000 +CVE-2024-8218,0,1,42f4d3535de6c450374afc39831562b8ce54446cfa93a0e43661a89084ae32b5,2024-08-28T12:57:39.090000 +CVE-2024-8219,0,1,020217c5f2d4383e3e6ac15530b38b75eed50aa2ee6b802fcdbebeda98fe0244,2024-08-28T12:57:39.090000 +CVE-2024-8220,0,1,79815378c415ba150d03dc0ebe37ccd2a486636c23004eb5186e3fb1795d368e,2024-08-28T12:57:39.090000 +CVE-2024-8221,0,1,578463535413c16483b54d916ab80fbf1eb0a10264710445cc934689a1d54c38,2024-08-28T12:57:27.610000 +CVE-2024-8222,0,1,14448de6e80fe93264d9439a41f3f54e2047d8e17a0c089fe04e8f0d015539f8,2024-08-28T12:57:27.610000 +CVE-2024-8223,0,1,5777afdaace31dd8b930d8f2b9e90c448d52c58232b2719e7e710ac00f1783a0,2024-08-28T12:57:27.610000 +CVE-2024-8224,0,1,451d9d18d3a1ba287940e19b9460b106889ad43147ac3b71630894a949173248,2024-08-28T12:57:27.610000 +CVE-2024-8225,0,1,d6e1ce99a6072be0a29dcbfff4a3742d05ba5ab213239c917bbdadd477061396,2024-08-28T12:57:27.610000 +CVE-2024-8226,0,1,8c49cc0a485bfe5493056f2e275744004fa15a6a95412c69c80b3b1ea3ab1cf3,2024-08-28T12:57:27.610000 +CVE-2024-8227,0,1,d97da83fce481b16cc43de005839ed9fd237d781dd1d9b7d00c429ed02944807,2024-08-28T12:57:27.610000 +CVE-2024-8228,0,1,f6f2f604b2994b6358da5c57cbd126dd599c69f492b0a42e2dcce4ce9660aad8,2024-08-28T12:57:27.610000 +CVE-2024-8229,0,1,90c164becae9336c40f70b392760fa51d5bec7feebb0ba5857169c6fbfa3c00b,2024-08-28T12:57:27.610000 +CVE-2024-8230,0,1,c17f4a35f0c9cecdbf9fd03893914aaf348c2dd62cc57f400e5ed276c8c58298,2024-08-28T12:57:27.610000 +CVE-2024-8231,0,1,19b769716e3fff898a72bf0ee7d68779b61ab99af63bed31a0498759613ebd4e,2024-08-28T12:57:27.610000