mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-05 10:18:41 +00:00
Auto-Update: 2024-12-29T03:00:19.366387+00:00
This commit is contained in:
cad-safe-bot
parent
b113a71d6e
commit
2ffe26a616
@ -12,7 +12,7 @@
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud NewInternalClient manipulada."
|
||||
"value": "El servicio SOAP miniigd en Realtek SDK permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud NewInternalClient manipulada espec\u00edficamente, como se explot\u00f3 de forma activa hasta 2023."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2015-01-23T21:59:00.050",
|
||||
"lastModified": "2024-11-21T02:22:47.480",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-12-23T23:15:05.720",
|
||||
"lastModified": "2024-12-23T23:15:05.720",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The attack may be initiated remotely. The patch is named 41230a81db0f671c570c2644bc2f80565ca83c5a. It is recommended to apply a patch to fix this issue."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad clasificada como cr\u00edtica ha sido encontrada en webuidesigning NebulaX Theme hasta 5.0 en WordPress. Este problema afecta la funci\u00f3n nebula_send_to_hubspot del archivo libs/Legacy/Legacy.php. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El parche se llama 41230a81db0f671c570c2644bc2f80565ca83c5a. Se recomienda aplicar un parche para solucionar este problema."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "secalert_us@oracle.com",
|
||||
"published": "2024-12-24T19:15:05.757",
|
||||
"lastModified": "2024-12-24T19:15:05.757",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Vulnerabilidad en el producto Oracle iStore de Oracle E-Business Suite (componente: Shopping Cart). Las versiones compatibles que se ven afectadas son 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 y 12.2.8. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante no autenticado con acceso a la red a trav\u00e9s de HTTP comprometa Oracle iStore. Los ataques exitosos requieren la interacci\u00f3n humana de una persona distinta del atacante y, si bien la vulnerabilidad est\u00e1 en Oracle iStore, los ataques pueden afectar significativamente a productos adicionales (cambio de alcance). Los ataques exitosos de esta vulnerabilidad pueden resultar en acceso no autorizado a datos cr\u00edticos o acceso completo a todos los datos accesibles de Oracle iStore, as\u00ed como acceso no autorizado a actualizaciones, inserci\u00f3n o eliminaci\u00f3n de algunos de los datos accesibles de Oracle iStore. Puntaje base CVSS 3.0 8.2 (impactos en la confidencialidad y la integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T08:15:11.770",
|
||||
"lastModified": "2024-12-19T08:15:11.770",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T11:15:05.700",
|
||||
"lastModified": "2024-12-19T11:15:05.700",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T11:15:06.930",
|
||||
"lastModified": "2024-12-19T11:15:06.930",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:06.310",
|
||||
"lastModified": "2024-12-27T10:15:06.310",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:09.710",
|
||||
"lastModified": "2024-12-27T10:15:09.710",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en hwclock.13-v2.27 que permite a los atacantes obtener privilegios aumentados o ejecutar comandos arbitrarios a trav\u00e9s del par\u00e1metro de ruta al configurar la fecha."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T17:15:07.160",
|
||||
"lastModified": "2024-11-21T05:33:21.110",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "hp-security-alert@hp.com",
|
||||
"published": "2024-12-19T19:15:06.030",
|
||||
"lastModified": "2024-12-19T19:15:06.030",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:10.313",
|
||||
"lastModified": "2024-12-27T10:15:10.313",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:10.937",
|
||||
"lastModified": "2024-12-27T10:15:10.937",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:11.687",
|
||||
"lastModified": "2024-12-27T10:15:11.687",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:12.217",
|
||||
"lastModified": "2024-12-27T10:15:12.217",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:12.800",
|
||||
"lastModified": "2024-12-27T10:15:12.800",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:13.487",
|
||||
"lastModified": "2024-12-27T10:15:13.487",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:14.037",
|
||||
"lastModified": "2024-12-27T10:15:14.037",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:14.620",
|
||||
"lastModified": "2024-12-27T10:15:14.620",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:15.270",
|
||||
"lastModified": "2024-12-27T10:15:15.270",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:15.930",
|
||||
"lastModified": "2024-12-27T10:15:15.930",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-20T02:15:05.150",
|
||||
"lastModified": "2024-12-20T18:15:23.860",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de autenticaci\u00f3n insuficiente en algunos tel\u00e9fonos inteligentes Huawei. Un atacante local no autenticado puede manipular un paquete de software para explotar esta vulnerabilidad. Debido a una verificaci\u00f3n insuficiente, una explotaci\u00f3n exitosa puede afectar el servicio. (Identificador de vulnerabilidad: HWPSIRT-2019-12302) A esta vulnerabilidad se le ha asignado un identificador de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-9250."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-27T10:15:16.610",
|
||||
"lastModified": "2024-12-27T10:15:16.610",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T19:15:07.063",
|
||||
"lastModified": "2024-11-21T05:46:36.977",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-19T00:15:04.710",
|
||||
"lastModified": "2024-12-19T00:15:04.710",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T18:15:07.907",
|
||||
"lastModified": "2024-11-21T05:46:46.143",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@opentext.com",
|
||||
"published": "2024-12-19T17:15:06.527",
|
||||
"lastModified": "2024-12-19T17:15:06.527",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T08:15:14.717",
|
||||
"lastModified": "2024-12-19T08:15:14.717",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T14:15:05.380",
|
||||
"lastModified": "2024-12-19T14:15:05.380",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T11:15:07.103",
|
||||
"lastModified": "2024-12-19T11:15:07.103",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-19T00:15:04.873",
|
||||
"lastModified": "2024-12-19T00:15:04.873",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-12-19T13:15:05.707",
|
||||
"lastModified": "2024-12-19T17:15:07.167",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-19T01:15:05.463",
|
||||
"lastModified": "2024-12-19T01:15:05.463",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secalert_us@oracle.com",
|
||||
"published": "2024-12-24T19:15:06.763",
|
||||
"lastModified": "2024-12-27T17:15:06.320",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T19:15:07.263",
|
||||
"lastModified": "2024-11-21T06:46:42.210",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-03-05T20:16:00.620",
|
||||
"lastModified": "2024-11-21T06:46:45.170",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@qnapsecurity.com.tw",
|
||||
"published": "2024-12-19T02:15:21.300",
|
||||
"lastModified": "2024-12-19T02:15:21.300",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@qnapsecurity.com.tw",
|
||||
"published": "2024-12-19T02:15:21.493",
|
||||
"lastModified": "2024-12-19T02:15:21.493",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-20T02:15:05.320",
|
||||
"lastModified": "2024-12-20T18:15:25.070",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32144."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de verificaci\u00f3n de entrada insuficiente en un producto Huawei. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar un funcionamiento anormal del servicio. (ID de vulnerabilidad: HWPSIRT-2022-76192) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-32144."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-20T03:15:05.967",
|
||||
"lastModified": "2024-12-20T03:15:05.967",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el producto de impresora de terminal Huawei. Si se explota con \u00e9xito, se podr\u00edan obtener los privilegios m\u00e1s altos de la impresora. (ID de vulnerabilidad: HWPSIRT-2022-51773) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-32203."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-20T03:15:06.133",
|
||||
"lastModified": "2024-12-20T03:15:06.133",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de verificaci\u00f3n de entrada incorrecta en el producto de impresora Huawei. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar un funcionamiento anormal del servicio. (ID de vulnerabilidad: HWPSIRT-2022-87185) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-32204."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-19T01:15:06.773",
|
||||
"lastModified": "2024-12-19T01:15:06.773",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "psirt@huawei.com",
|
||||
"published": "2024-12-20T03:15:06.267",
|
||||
"lastModified": "2024-12-20T03:15:06.267",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-34159."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Las impresoras Huawei tienen una vulnerabilidad de verificaci\u00f3n de entrada. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar excepciones en el servicio del dispositivo. (ID de vulnerabilidad: HWPSIRT-2022-80078) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-34159."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "talos-cna@cisco.com",
|
||||
"published": "2024-12-18T23:15:07.060",
|
||||
"lastModified": "2024-12-18T23:15:07.060",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "talos-cna@cisco.com",
|
||||
"published": "2024-12-18T23:15:07.243",
|
||||
"lastModified": "2024-12-18T23:15:07.243",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-02-17T17:15:07.577",
|
||||
"lastModified": "2024-11-21T07:23:45.837",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-02-17T17:15:07.790",
|
||||
"lastModified": "2024-11-21T07:23:45.953",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-02-23T19:15:08.243",
|
||||
"lastModified": "2024-11-21T07:27:15.937",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.067",
|
||||
"lastModified": "2024-12-19T00:15:05.067",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.237",
|
||||
"lastModified": "2024-12-19T00:15:05.237",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.400",
|
||||
"lastModified": "2024-12-19T00:15:05.400",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.567",
|
||||
"lastModified": "2024-12-19T00:15:05.567",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.727",
|
||||
"lastModified": "2024-12-19T00:15:05.727",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:05.880",
|
||||
"lastModified": "2024-12-19T00:15:05.880",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:06.037",
|
||||
"lastModified": "2024-12-19T00:15:06.037",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:06.200",
|
||||
"lastModified": "2024-12-19T00:15:06.200",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:06.360",
|
||||
"lastModified": "2024-12-19T00:15:06.360",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Defectos de configuraci\u00f3n en el m\u00f3dulo del sistema operativo seguro. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Defectos de configuraci\u00f3n en el m\u00f3dulo del sistema operativo seguro. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
||||
"published": "2024-12-27T14:15:22.533",
|
||||
"lastModified": "2024-12-27T14:15:22.533",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2024-12-19T00:15:06.530",
|
||||
"lastModified": "2024-12-19T00:15:06.530",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@qnapsecurity.com.tw",
|
||||
"published": "2024-12-19T02:15:21.687",
|
||||
"lastModified": "2024-12-19T02:15:21.687",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@qnapsecurity.com.tw",
|
||||
"published": "2024-12-19T02:15:21.863",
|
||||
"lastModified": "2024-12-19T02:15:21.863",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security@qnapsecurity.com.tw",
|
||||
"published": "2024-12-19T02:15:22.033",
|
||||
"lastModified": "2024-12-19T02:15:22.033",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T18:15:08.450",
|
||||
"lastModified": "2024-11-21T07:46:16.183",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-04T14:16:01.720",
|
||||
"lastModified": "2024-11-21T07:52:34.810",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T18:15:08.657",
|
||||
"lastModified": "2024-11-21T07:56:16.500",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En las plataformas Unix, el entorno de ejecuci\u00f3n de Go no se comporta de forma diferente cuando se ejecuta un binario con los bits setuid/setgid. Esto puede ser peligroso en ciertos casos, como cuando se vuelca el estado de la memoria o se asume el estado de los descriptores de archivos de E/S est\u00e1ndar. Si se ejecuta un binario setuid/setgid con los descriptores de archivos de E/S est\u00e1ndar cerrados, la apertura de cualquier archivo puede provocar que se lea o escriba contenido inesperado con privilegios elevados. De manera similar, si se finaliza un programa setuid/setgid, ya sea por p\u00e1nico o se\u00f1al, puede filtrar el contenido de sus registros."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-19T02:15:22.223",
|
||||
"lastModified": "2024-12-19T02:15:22.223",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "security@sierrawireless.com",
|
||||
"published": "2024-12-21T00:15:27.100",
|
||||
"lastModified": "2024-12-21T00:15:27.100",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered \ndevices on the AirVantage platform when the owner has not disabled the AirVantage Management \nService on the devices or registered the device. This could enable an attacker to configure, manage, \nand execute AT commands on an unsuspecting user\u2019s devices."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "La plataforma AirVantage es vulnerable a que un atacante no autorizado registre dispositivos que no estaban registrados previamente en la plataforma AirVantage cuando el propietario no ha desactivado el servicio de administraci\u00f3n de AirVantage en los dispositivos ni ha registrado el dispositivo. Esto podr\u00eda permitir que un atacante configure, administre y ejecute comandos AT en los dispositivos de un usuario desprevenido."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,12 +3,16 @@
|
||||
"sourceIdentifier": "security@sierrawireless.com",
|
||||
"published": "2024-12-21T00:15:27.603",
|
||||
"lastModified": "2024-12-21T00:15:27.603",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An AirVantage online Warranty Checker tool vulnerability could allow an attacker to \nperform bulk enumeration of IMEI and Serial Numbers pairs. The AirVantage Warranty Checker is updated to no longer return the IMEI and Serial \nNumber in addition to the warranty status when the Serial Number or IMEI is used to look up \nwarranty status."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad en la herramienta de verificaci\u00f3n de garant\u00eda en l\u00ednea de AirVantage podr\u00eda permitir que un atacante realice una enumeraci\u00f3n masiva de pares de IMEI y n\u00fameros de serie. La herramienta de verificaci\u00f3n de garant\u00eda de AirVantage se ha actualizado para que ya no muestre el IMEI y el n\u00famero de serie adem\u00e1s del estado de la garant\u00eda cuando se utiliza el n\u00famero de serie o el IMEI para buscar el estado de la garant\u00eda."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-03-13T10:15:07.413",
|
||||
"lastModified": "2024-11-21T08:03:08.307",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Ventura 13.3, Safari 16.4, iOS 16.4 y iPadOS 16.4, iOS 15.7.7 y iPadOS 15.7.7. El procesamiento de contenido web puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple tiene conocimiento de un informe que indica que este problema puede haberse explotado activamente en versiones de iOS publicadas antes de iOS 15.7."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En Progress MOVEit Transfer antes de 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5) y 2023.0.1 (15.0.1), se ha encontrado una vulnerabilidad de inyecci\u00f3n SQL en la aplicaci\u00f3n web MOVEit Transfer que podr\u00eda permitir que un atacante no autenticado obtenga acceso a la base de datos de MOVEit Transfer. Seg\u00fan el motor de base de datos que se utilice (MySQL, Microsoft SQL Server o Azure SQL), un atacante puede inferir informaci\u00f3n sobre la estructura y el contenido de la base de datos, y ejecutar instrucciones SQL que alteren o eliminen elementos de la base de datos. NOTA: esto se explota en la naturaleza en mayo y junio de 2023; la explotaci\u00f3n de sistemas sin parches puede ocurrir a trav\u00e9s de HTTP o HTTPS. Todas las versiones (por ejemplo, 2020.0 y 2019x) anteriores a las cinco versiones mencionadas expl\u00edcitamente se ven afectadas, incluidas las versiones m\u00e1s antiguas no compatibles."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Ivanti EPMM permite a usuarios no autorizados acceder a funciones o recursos restringidos de la aplicaci\u00f3n sin la autenticaci\u00f3n adecuada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de path traversal en las versiones de Ivanti EPMM (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 y 11.8.x < 11.8.1.2) permite que un administrador autenticado escriba archivos arbitrarios en el dispositivo."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-12-11T03:15:04.877",
|
||||
"lastModified": "2024-12-11T03:15:04.877",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T16:15:10.697",
|
||||
"lastModified": "2024-11-21T08:11:39.140",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-28T12:15:08.360",
|
||||
"lastModified": "2024-11-21T08:11:39.410",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-03-04T18:15:08.743",
|
||||
"lastModified": "2024-11-21T08:13:24.827",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-03-04T16:15:49.130",
|
||||
"lastModified": "2024-11-21T08:13:25.080",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-03-13T10:15:07.680",
|
||||
"lastModified": "2024-11-21T08:14:07.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T18:15:08.860",
|
||||
"lastModified": "2024-11-21T08:14:07.423",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -9,6 +9,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "RARLAB WinRAR anterior a la versi\u00f3n 6.23 permite a los atacantes ejecutar c\u00f3digo arbitrario cuando un usuario intenta ver un archivo benigno dentro de un archivo ZIP. El problema se produce porque un archivo ZIP puede incluir un archivo benigno (como un archivo .JPG normal) y tambi\u00e9n una carpeta que tiene el mismo nombre que el archivo benigno, y el contenido de la carpeta (que puede incluir contenido ejecutable) se procesa durante un intento de acceder \u00fanicamente al archivo benigno. Esto se explot\u00f3 de forma activa entre abril y octubre de 2023."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:05.487",
|
||||
"lastModified": "2024-11-22T20:15:05.487",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T19:15:07.670",
|
||||
"lastModified": "2024-11-21T08:19:59.120",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-05-03T18:15:09.053",
|
||||
"lastModified": "2024-11-21T08:19:59.250",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-11-25T16:15:11.273",
|
||||
"lastModified": "2024-11-25T16:15:11.273",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cvd@cert.pl",
|
||||
"published": "2024-12-19T10:15:13.147",
|
||||
"lastModified": "2024-12-19T10:15:13.147",
|
||||
"vulnStatus": "Received",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-11-12T19:15:07.110",
|
||||
"lastModified": "2024-11-13T17:01:16.850",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-02-29T06:15:45.390",
|
||||
"lastModified": "2024-11-21T08:30:56.817",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@fortinet.com",
|
||||
"published": "2024-06-03T08:15:08.507",
|
||||
"lastModified": "2024-11-21T08:32:26.620",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-04-19T15:15:49.847",
|
||||
"lastModified": "2024-11-21T08:33:09.917",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-04-19T15:15:50.040",
|
||||
"lastModified": "2024-11-21T08:36:46.290",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:06.050",
|
||||
"lastModified": "2024-11-22T20:15:06.050",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:06.167",
|
||||
"lastModified": "2024-11-22T20:15:06.167",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:06.283",
|
||||
"lastModified": "2024-11-22T20:15:06.283",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:06.400",
|
||||
"lastModified": "2024-11-22T20:15:06.400",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
|
||||
"published": "2024-11-22T20:15:06.523",
|
||||
"lastModified": "2024-11-22T20:15:06.523",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user