admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-16T14:00:39.549011+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-16 14:03:30 +00:00
parent 81b8f88795
commit 40e16ed1c7
94 changed files with 868 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2020/CVE-2020-225xx/CVE-2020-22539.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-22539",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:07.620",
"lastModified": "2024-04-15T22:15:07.620",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows attackers to execute arbitrary code via uploading a crafted file."
},
{
"lang": "es",
"value": "Una vulnerabilidad de carga de archivos arbitrarios en la funci\u00f3n Agregar Categor\u00eda de Codoforum v4.9 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo manipulado."
}
],
"metrics": {},

8
CVE-2020/CVE-2020-225xx/CVE-2020-22540.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-22540",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T23:15:06.730",
"lastModified": "2024-04-15T23:15:06.730",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Stored Cross-Site Scripting (XSS) vulnerability in Codoforum v4.9, allows attackers to execute arbitrary code and obtain sensitive information via crafted payload to Category name component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Codoforum v4.9 permite a los atacantes ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado en el componente de nombre de categor\u00eda."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-338xx/CVE-2023-33806.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-33806",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T23:15:06.837",
"lastModified": "2024-04-15T23:15:06.837",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commands."
},
{
"lang": "es",
"value": "Las configuraciones predeterminadas inseguras en Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119 permiten a los atacantes ejecutar comandos arbitrarios."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-455xx/CVE-2023-45503.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45503",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T20:15:10.777",
"lastModified": "2024-04-15T20:15:10.777",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Macrob7 Macs CMS 1.1.4f, permite a atacantes remotos ejecutar c\u00f3digo arbitrario, provocar una denegaci\u00f3n de servicio (DoS), escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado para resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints."
}
],
"metrics": {},

4
CVE-2023/CVE-2023-60xx/CVE-2023-6038.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-6038",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-11-16T17:15:09.373",
"lastModified": "2024-02-08T10:15:10.703",
"lastModified": "2024-04-16T12:15:08.780",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An attacker is able to read any file on the server hosting the H2O dashboard without any authentication."
"value": "A Local File Inclusion (LFI) vulnerability exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. This issue affects the default installation and does not require user interaction. The vulnerability can be exploited by making specific GET or POST requests to the ImportFiles and ParseSetup endpoints, respectively. This issue was identified in version 3.40.0.4 of h2o-3."
},
{
"lang": "es",

6
CVE-2023/CVE-2023-65xx/CVE-2023-6568.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-6568",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-12-07T05:15:09.347",
"lastModified": "2023-12-09T04:51:50.623",
"vulnStatus": "Analyzed",
"lastModified": "2024-04-16T12:15:08.957",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0."
"value": "A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-04xx/CVE-2024-0404.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-0404",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:07.387",
"lastModified": "2024-04-16T00:15:07.387",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A mass assignment vulnerability exists in the `/api/invite/:code` endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker can add a `role` property with `admin` value, thereby gaining administrative access. This issue arises due to the lack of property allowlisting and blocklisting, enabling the attacker to exploit the system and perform actions as an administrator."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de asignaci\u00f3n masiva en el endpoint `/api/invite/:code` del repositorio mintplex-labs/anything-llm, lo que permite la creaci\u00f3n no autorizada de cuentas con altos privilegios. Al interceptar y modificar la solicitud HTTP durante el proceso de creaci\u00f3n de la cuenta a trav\u00e9s de un enlace de invitaci\u00f3n, un atacante puede agregar una propiedad \"rol\" con valor \"admin\", obteniendo as\u00ed acceso administrativo. Este problema surge debido a la falta de listas de propiedades permitidas y bloqueadas, lo que permite al atacante explotar el sistema y realizar acciones como administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-05xx/CVE-2024-0549.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-0549",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:07.603",
"lastModified": "2024-04-16T00:15:07.603",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from insufficient input validation and normalization in the handling of file and folder deletion requests. Successful exploitation results in the compromise of data integrity and availability."
},
{
"lang": "es",
"value": "mintplex-labs/anything-llm es vulnerable a un ataque de relative path traversal, lo que permite a atacantes no autorizados con una cuenta de rol predeterminada eliminar archivos y carpetas dentro del sistema de archivos, incluidos archivos de bases de datos cr\u00edticos como 'anythingllm.db'. La vulnerabilidad se debe a una validaci\u00f3n y normalizaci\u00f3n de entrada insuficientes en el manejo de solicitudes de eliminaci\u00f3n de archivos y carpetas. La explotaci\u00f3n exitosa resulta en el compromiso de la integridad y disponibilidad de los datos."
}
],
"metrics": {

4
CVE-2024/CVE-2024-07xx/CVE-2024-0798.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-0798",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-02-26T16:27:51.563",
"lastModified": "2024-02-26T16:32:25.577",
"lastModified": "2024-04-16T12:15:09.113",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A user with a `default` role given to them by the admin can sent `DELETE` HTTP requests to `remove-folder` and `remove-document` to delete folders and source files from the instance even when their role should explicitly not allow this action on the system."
"value": "A privilege escalation vulnerability exists in mintplex-labs/anything-llm, allowing users with 'default' role to delete documents uploaded by 'admin'. Despite the intended restriction that prevents 'default' role users from deleting admin-uploaded documents, an attacker can exploit this vulnerability by sending a crafted DELETE request to the /api/system/remove-document endpoint. This vulnerability is due to improper access control checks, enabling unauthorized document deletion and potentially leading to loss of data integrity."
},
{
"lang": "es",

4
CVE-2024/CVE-2024-11xx/CVE-2024-1135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1135",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:07.797",
"lastModified": "2024-04-16T00:15:07.797",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-11xx/CVE-2024-1183.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1183",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:07.990",
"lastModified": "2024-04-16T00:15:07.990",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' error in the response."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad SSRF (Server-Side Request Forgery) en el repositorio gradio-app/gradio, que permite a los atacantes escanear e identificar puertos abiertos dentro de una red interna. Al manipular el par\u00e1metro \"archivo\" en una solicitud GET, un atacante puede discernir el estado de los puertos internos en funci\u00f3n de la presencia de un encabezado \"Ubicaci\u00f3n\" o un error \"Archivo no permitido\" en la respuesta."
}
],
"metrics": {

4
CVE-2024/CVE-2024-13xx/CVE-2024-1357.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1357",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T10:15:07.273",
"lastModified": "2024-04-16T10:15:07.273",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

18
CVE-2024/CVE-2024-13xx/CVE-2024-1394.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1394",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-21T13:00:08.037",
"lastModified": "2024-04-03T18:15:07.140",
"lastModified": "2024-04-16T13:15:11.050",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -111,9 +111,25 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262921",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f",
"source": "secalert@redhat.com"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2660",
"source": "secalert@redhat.com"
},
{
"url": "https://vuln.go.dev/ID/GO-2024-2660.json",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2024/CVE-2024-14xx/CVE-2024-1455.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1455",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-26T14:15:08.450",
"lastModified": "2024-03-26T17:09:53.043",
"lastModified": "2024-04-16T12:15:09.230",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The XMLOutputParser in LangChain uses the etree module from the XML parser in the standard python library which has some XML vulnerabilities; see: https://docs.python.org/3/library/xml.html\n\nThis primarily affects users that combine an LLM (or agent) with the `XMLOutputParser` and expose the component via an endpoint on a web-service. \n\nThis would allow a malicious party to attempt to manipulate the LLM to produce a malicious payload for the parser that would compromise the availability of the service.\n\nA successful attack is predicated on:\n\n1. Usage of XMLOutputParser\n2. Passing of malicious input into the XMLOutputParser either directly or by trying to manipulate an LLM to do so on the users behalf\n3. Exposing the component via a web-service"
"value": "A vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory resources, leading to a denial of service (DoS). "
},
{
"lang": "es",
@ -51,6 +51,10 @@
}
],
"references": [
{
"url": "https://github.com/langchain-ai/langchain/commit/727d5023ce88e18e3074ef620a98137d26ff92a3",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/4353571f-c70d-4bfd-ac08-3a89cecb45b6",
"source": "security@huntr.dev"

8
CVE-2024/CVE-2024-14xx/CVE-2024-1456.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1456",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:08.170",
"lastModified": "2024-04-16T00:15:08.170",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An S3 bucket takeover vulnerability was identified in the h2oai/h2o-3 repository. The issue involves the S3 bucket 'http://s3.amazonaws.com/h2o-training', which was found to be vulnerable to unauthorized takeover."
},
{
"lang": "es",
"value": "Se identific\u00f3 una vulnerabilidad de toma de control del dep\u00f3sito S3 en el repositorio h2oai/h2o-3. El problema involucra al dep\u00f3sito S3 'http://s3.amazonaws.com/h2o-training', que result\u00f3 ser vulnerable a adquisiciones no autorizadas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-14xx/CVE-2024-1483.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1483",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:08.353",
"lastModified": "2024-04-16T00:15:08.353",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en mlflow/mlflow versi\u00f3n 2.9.2, que permite a los atacantes acceder a archivos arbitrarios en el servidor. Al crear una serie de solicitudes HTTP POST con par\u00e1metros 'artifact_location' y 'source' especialmente manipulados, utilizando un URI local con '#' en lugar de '?', un atacante puede atravesar la estructura de directorios del servidor. El problema se produce debido a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario en los controladores del servidor."
}
],
"metrics": {

10
CVE-2024/CVE-2024-15xx/CVE-2024-1522.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1522",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-30T18:15:45.930",
"lastModified": "2024-04-02T19:15:46.807",
"lastModified": "2024-04-16T12:15:09.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The parisneo/lollms-webui does not have CSRF protections. As a result, an attacker is able to execute arbitrary OS commands via the `/execute_code` API endpoint by tricking a user into visiting a specially crafted webpage."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. The vulnerability stems from the `/execute_code` API endpoint, which does not properly validate requests, enabling an attacker to craft a malicious webpage that, when visited by a victim, submits a form to the victim's local lollms-webui instance to execute arbitrary OS commands. This issue allows attackers to take full control of the victim's system without requiring direct network access to the vulnerable application."
},
{
"lang": "es",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV31": [
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",

4
CVE-2024/CVE-2024-15xx/CVE-2024-1540.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1540",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-27T16:15:09.963",
"lastModified": "2024-03-27T17:48:21.140",
"lastModified": "2024-04-16T12:15:09.617",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Previously, it was possible to exfiltrate secrets in Gradio's CI, but this is now fixed."
"value": "A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to unauthorized modification of the base repository or secrets exfiltration. The issue arises from the unsafe handling of GitHub context information within a `run` operation, where expressions inside `${{ }}` are evaluated and substituted before script execution. Remediation involves setting untrusted input values to intermediate environment variables to prevent direct influence on script generation."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-15xx/CVE-2024-1558.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1558",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:08.533",
"lastModified": "2024-04-16T00:15:08.533",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that bypasses the `_validate_non_local_source_contains_relative_paths(source)` function's checks, allowing for arbitrary file read access on the server. The issue arises from the handling of unquoted URL characters and the subsequent misuse of the original `source` value for model version creation, leading to the exposure of sensitive files when interacting with the `/model-versions/get-artifact` handler."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en la funci\u00f3n `_create_model_version()` dentro de `server/handlers.py` del repositorio mlflow/mlflow, debido a una validaci\u00f3n incorrecta del par\u00e1metro `source`. Los atacantes pueden explotar esta vulnerabilidad creando un par\u00e1metro `source` que pasa por alto las comprobaciones de la funci\u00f3n `_validate_non_local_source_contains_relative_paths(source)`, permitiendo acceso de lectura arbitrario a archivos en el servidor. El problema surge del manejo de caracteres URL sin comillas y el posterior uso indebido del valor \"fuente\" original para la creaci\u00f3n de la versi\u00f3n del modelo, lo que lleva a la exposici\u00f3n de archivos confidenciales al interactuar con el controlador \"/model-versions/get-artifact\"."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1560.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1560",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:08.713",
"lastModified": "2024-04-16T00:15:08.713",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to properly sanitize user-supplied paths. The issue is present up to version 2.9.2, despite attempts to fix a similar issue in CVE-2023-6831."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en el repositorio mlflow/mlflow, espec\u00edficamente dentro de la funcionalidad de eliminaci\u00f3n de artefactos. Los atacantes pueden eludir la validaci\u00f3n de rutas explotando el proceso de doble decodificaci\u00f3n en el controlador `_delete_artifact_mlflow_artifacts` y la funci\u00f3n `local_file_uri_to_path`, lo que permite la eliminaci\u00f3n de directorios arbitrarios en el sistema de archivos del servidor. Esta vulnerabilidad se debe a una operaci\u00f3n adicional entre comillas en la funci\u00f3n `delete_artifacts` de `local_artifact_repo.py`, que no sanitiza adecuadamente las rutas proporcionadas por el usuario. El problema est\u00e1 presente hasta la versi\u00f3n 2.9.2, a pesar de los intentos de solucionar un problema similar en CVE-2023-6831."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1561.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1561",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:08.887",
"lastModified": "2024-04-16T00:15:08.887",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en gradio-app/gradio, donde el endpoint `/component_server` permite incorrectamente la invocaci\u00f3n de cualquier m\u00e9todo en una clase `Component` con argumentos controlados por el atacante. Espec\u00edficamente, al explotar el m\u00e9todo `move_resource_to_block_cache()` de la clase `Block`, un atacante puede copiar cualquier archivo en el sistema de archivos a un directorio temporal y posteriormente recuperarlo. Esta vulnerabilidad permite el acceso de lectura de archivos locales no autorizados, lo que representa un riesgo significativo, especialmente cuando la aplicaci\u00f3n est\u00e1 expuesta a Internet a trav\u00e9s de \"launch(share=True)\", lo que permite a atacantes remotos leer archivos en la m\u00e1quina host. Adem\u00e1s, las aplicaciones de gradio alojadas en `huggingface.co` tambi\u00e9n se ven afectadas, lo que podr\u00eda provocar la exposici\u00f3n de informaci\u00f3n confidencial, como claves API y credenciales almacenadas en variables de entorno."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1569.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1569",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.060",
"lastModified": "2024-04-16T00:15:09.060",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled resource consumption. Attackers can exploit the `/open_code_in_vs_code` and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the default folder opener (e.g., File Explorer, xdg-open) multiple times. This can render the host machine unusable by exhausting system resources. The vulnerability is present in the latest version of the software."
},
{
"lang": "es",
"value": "parisneo/lollms-webui es vulnerable a un ataque de denegaci\u00f3n de servicio (DoS) debido al consumo incontrolado de recursos. Los atacantes pueden explotar `/open_code_in_vs_code` y endpoints similares sin autenticaci\u00f3n enviando solicitudes HTTP POST repetidas, lo que lleva a la apertura de Visual Studio Code o del abridor de carpeta predeterminado (por ejemplo, Explorador de archivos, xdg-open) varias veces. Esto puede inutilizar la m\u00e1quina host al agotar los recursos del sistema. La vulnerabilidad est\u00e1 presente en la \u00faltima versi\u00f3n del software."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1593.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1593",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.247",
"lastModified": "2024-04-16T00:15:09.247",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smuggling. Successful exploitation could lead to unauthorized information disclosure or server compromise."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en el repositorio mlflow/mlflow debido a un manejo inadecuado de los par\u00e1metros de URL. Al contrabandear secuencias de path traversal utilizando el ';' car\u00e1cter en las URL, los atacantes pueden manipular la parte 'par\u00e1metros' de la URL para obtener acceso no autorizado a archivos o directorios. Esta vulnerabilidad permite el contrabando de datos arbitrarios en la parte 'params' de la URL, lo que permite ataques similares a los descritos en informes anteriores pero utilizando el ';' personaje para el contrabando de par\u00e1metros. La explotaci\u00f3n exitosa podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n no autorizada o al compromiso del servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1594.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1594",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.417",
"lastModified": "2024-04-16T00:15:09.417",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect. "
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en el repositorio mlflow/mlflow, espec\u00edficamente en el manejo del par\u00e1metro `artifact_location` al crear un experimento. Los atacantes pueden aprovechar esta vulnerabilidad utilizando un componente de fragmento `#` en el URI de ubicaci\u00f3n del artefacto para leer archivos arbitrarios en el servidor en el contexto del proceso del servidor. Este problema es similar a CVE-2023-6909 pero utiliza un componente diferente del URI para lograr el mismo efecto."
}
],
"metrics": {

8
CVE-2024/CVE-2024-16xx/CVE-2024-1601.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1601",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.597",
"lastModified": "2024-04-16T00:15:09.597",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the `/delete_discussion` endpoint, which internally calls the vulnerable `delete_discussion()` function. By sending a specially crafted payload in the 'id' parameter, an attacker can manipulate SQL queries to delete all records from the 'discussion' and 'message' tables. This issue is due to improper neutralization of special elements used in an SQL command."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n `delete_discussion()` de la aplicaci\u00f3n parisneo/lollms-webui, lo que permite a un atacante eliminar todas las discusiones y datos de mensajes. La vulnerabilidad se puede explotar a trav\u00e9s de una solicitud POST HTTP manipulada al endpoint `/delete_discussion`, que llama internamente a la funci\u00f3n vulnerable `delete_discussion()`. Al enviar un payload especialmente manipulado en el par\u00e1metro 'id', un atacante puede manipular consultas SQL para eliminar todos los registros de las tablas 'discusi\u00f3n' y 'mensaje'. Este problema se debe a una neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando SQL."
}
],
"metrics": {

8
CVE-2024/CVE-2024-16xx/CVE-2024-1626.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1626",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.777",
"lastModified": "2024-04-16T00:15:09.777",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary repository, version 0.3.0, within the project update endpoint. The vulnerability allows authenticated users to modify the name of any project within the system without proper authorization checks, by directly referencing the project's ID in the PATCH request to the '/v1/projects/:projectId' endpoint. This issue arises because the endpoint does not verify if the provided project ID belongs to the currently authenticated user, enabling unauthorized modifications across different organizational projects."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de referencia directa a objetos inseguros (IDOR) en el repositorio lunary-ai/lunary, versi\u00f3n 0.3.0, dentro del endpoint de actualizaci\u00f3n del proyecto. La vulnerabilidad permite a los usuarios autenticados modificar el nombre de cualquier proyecto dentro del sistema sin las comprobaciones de autorizaci\u00f3n adecuadas, haciendo referencia directamente al ID del proyecto en la solicitud PATCH al endpoint '/v1/projects/:projectId'. Este problema surge porque el endpoint no verifica si el ID del proyecto proporcionado pertenece al usuario actualmente autenticado, lo que permite modificaciones no autorizadas en diferentes proyectos organizacionales."
}
],
"metrics": {

8
CVE-2024/CVE-2024-16xx/CVE-2024-1646.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1646",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.967",
"lastModified": "2024-04-16T00:15:09.967",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized access to endpoints such as '/restart_program', '/update_software', '/check_update', '/start_recording', and '/stop_recording'. This vulnerability can lead to denial of service, unauthorized disabling or overriding of recordings, and potentially other impacts if certain features are enabled in the configuration."
},
{
"lang": "es",
"value": "parisneo/lollms-webui es vulnerable a la omisi\u00f3n de autenticaci\u00f3n debido a una protecci\u00f3n insuficiente en los endpoints sensibles. La aplicaci\u00f3n verifica si el par\u00e1metro del host no es '0.0.0.0' para restringir el acceso, lo cual es inadecuado cuando la aplicaci\u00f3n est\u00e1 vinculada a una interfaz espec\u00edfica, lo que permite el acceso no autorizado a endpoints como '/restart_program', '/update_software', '/ check_update', '/start_recording' y '/stop_recording'. Esta vulnerabilidad puede provocar denegaci\u00f3n de servicio, desactivaci\u00f3n o anulaci\u00f3n no autorizada de grabaciones y potencialmente otros impactos si ciertas funciones est\u00e1n habilitadas en la configuraci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-16xx/CVE-2024-1665.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1665",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:10.150",
"lastModified": "2024-04-16T00:15:10.150",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "lunary-ai/lunary version 1.0.0 is vulnerable to unauthorized evaluation creation due to missing server-side checks for user account status during evaluation creation. While the web UI restricts evaluation creation to paid accounts, the server-side API endpoint '/v1/evaluations' does not verify if the user has a paid account, allowing users with free or self-hosted accounts to create unlimited evaluations without upgrading their account. This vulnerability is due to the lack of account status validation in the evaluation creation process."
},
{
"lang": "es",
"value": "lunary-ai/lunary versi\u00f3n 1.0.0 es vulnerable a la creaci\u00f3n de evaluaciones no autorizadas debido a que faltan verificaciones del lado del servidor para el estado de la cuenta de usuario durante la creaci\u00f3n de la evaluaci\u00f3n. Si bien la interfaz de usuario web restringe la creaci\u00f3n de evaluaciones a cuentas pagas, el endpoint API del lado del servidor '/v1/evaluations' no verifica si el usuario tiene una cuenta paga, lo que permite a los usuarios con cuentas gratuitas o autohospedadas crear evaluaciones ilimitadas sin actualizar su cuenta. Esta vulnerabilidad se debe a la falta de validaci\u00f3n del estado de la cuenta en el proceso de creaci\u00f3n de la evaluaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-16xx/CVE-2024-1666.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1666",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:10.330",
"lastModified": "2024-04-16T00:15:10.330",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar creation. The vulnerability stems from the lack of server-side checks to verify if a user is on a free account during the radar creation process, which is only enforced in the web UI. As a result, attackers can bypass the intended account upgrade requirement by directly sending crafted requests to the server, enabling the creation of an unlimited number of radars without payment."
},
{
"lang": "es",
"value": "En lunary-ai/lunary versi\u00f3n 1.0.0, existe una falla de autorizaci\u00f3n que permite la creaci\u00f3n de radares no autorizados. La vulnerabilidad surge de la falta de comprobaciones del lado del servidor para verificar si un usuario tiene una cuenta gratuita durante el proceso de creaci\u00f3n del radar, que s\u00f3lo se aplica en la interfaz de usuario web. Como resultado, los atacantes pueden eludir el requisito de actualizaci\u00f3n de cuenta previsto enviando directamente solicitudes manipuladas al servidor, lo que permite la creaci\u00f3n de una cantidad ilimitada de radares sin pago."
}
],
"metrics": {

4
CVE-2024/CVE-2024-17xx/CVE-2024-1727.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1727",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-21T20:15:07.620",
"lastModified": "2024-03-22T12:45:36.130",
"lastModified": "2024-04-16T12:15:09.843",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "To prevent malicious 3rd party websites from making requests to Gradio applications running locally, this PR tightens the CORS rules around Gradio applications. In particular, it checks to see if the host header is localhost (or one of its aliases) and if so, it requires the origin header (if present) to be localhost (or one of its aliases) as well.\n\n"
"value": "A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete the system's disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py."
},
{
"lang": "es",

4
CVE-2024/CVE-2024-17xx/CVE-2024-1729.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1729",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-29T05:15:45.477",
"lastModified": "2024-03-29T12:45:02.937",
"lastModified": "2024-04-16T12:15:09.930",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Th password check condition is vulnerable to timing attack to guess the password\n\n"
"value": "A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation (`app.auth[username] == password`) to validate user credentials, which can be exploited to guess passwords based on response times. Successful exploitation of this vulnerability could allow an attacker to bypass authentication mechanisms and gain unauthorized access."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-17xx/CVE-2024-1738.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1738",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:10.510",
"lastModified": "2024-04-16T00:15:10.510",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint. This vulnerability allows unauthorized users to retrieve the results of any organization's evaluation by simply knowing the evaluation ID, due to the lack of project ID verification in the SQL query. As a result, attackers can gain access to potentially private data contained within the evaluation results."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de autorizaci\u00f3n incorrecta en el repositorio lunary-ai/lunary, espec\u00edficamente dentro de la ruta evaluations.get en el endpoint de la API de evaluaciones. Esta vulnerabilidad permite a usuarios no autorizados recuperar los resultados de la evaluaci\u00f3n de cualquier organizaci\u00f3n simplemente conociendo el ID de la evaluaci\u00f3n, debido a la falta de verificaci\u00f3n del ID del proyecto en la consulta SQL. Como resultado, los atacantes pueden obtener acceso a datos potencialmente privados contenidos en los resultados de la evaluaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1739.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1739",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:10.697",
"lastModified": "2024-04-16T00:15:10.697",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "lunary-ai/lunary is vulnerable to an authentication issue due to improper validation of email addresses during the signup process. Specifically, the server fails to treat email addresses as case insensitive, allowing the creation of multiple accounts with the same email address by varying the case of the email characters. For example, accounts for 'abc@gmail.com' and 'Abc@gmail.com' can both be created, leading to potential impersonation and confusion among users."
},
{
"lang": "es",
"value": "lunary-ai/lunary es vulnerable a un problema de autenticaci\u00f3n debido a una validaci\u00f3n incorrecta de las direcciones de correo electr\u00f3nico durante el proceso de registro. Espec\u00edficamente, el servidor no trata las direcciones de correo electr\u00f3nico sin distinguir entre may\u00fasculas y min\u00fasculas, lo que permite la creaci\u00f3n de varias cuentas con la misma direcci\u00f3n de correo electr\u00f3nico variando las may\u00fasculas y min\u00fasculas de los caracteres del correo electr\u00f3nico. Por ejemplo, se pueden crear cuentas para 'abc@gmail.com' y 'Abc@gmail.com', lo que genera una posible suplantaci\u00f3n de identidad y confusi\u00f3n entre los usuarios."
}
],
"metrics": {

4
CVE-2024/CVE-2024-18xx/CVE-2024-1892.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-1892",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-02-28T00:15:53.897",
"lastModified": "2024-02-28T14:06:45.783",
"lastModified": "2024-04-16T12:15:10.050",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Parts of the Scrapy API were found to be vulnerable to a ReDoS attack. Handling a malicious response could cause extreme CPU and memory usage during the parsing of its content, due to the use of vulnerable regular expressions for that parsing."
"value": "A Regular Expression Denial of Service (ReDoS) vulnerability exists in the XMLFeedSpider class of the scrapy/scrapy project, specifically in the parsing of XML content. By crafting malicious XML content that exploits inefficient regular expression complexity used in the parsing process, an attacker can cause a denial-of-service (DoS) condition. This vulnerability allows for the system to hang and consume significant resources, potentially rendering services that utilize Scrapy for XML processing unresponsive."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-19xx/CVE-2024-1961.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1961",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:10.867",
"lastModified": "2024-04-16T00:15:10.867",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "vertaai/modeldb is vulnerable to a path traversal attack due to improper sanitization of user-supplied file paths in its file upload functionality. Attackers can exploit this vulnerability to write arbitrary files anywhere in the file system by manipulating the 'artifact_path' parameter. This flaw can lead to Remote Code Execution (RCE) by overwriting critical files, such as the application's configuration file, especially when the application is run outside of Docker. The vulnerability is present in the NFSController.java and NFSService.java components of the application."
},
{
"lang": "es",
"value": "vertaai/modeldb es vulnerable a un ataque de path traversal debido a una sanitizaci\u00f3n inadecuada de las rutas de archivos proporcionadas por el usuario en su funcionalidad de carga de archivos. Los atacantes pueden aprovechar esta vulnerabilidad para escribir archivos arbitrarios en cualquier parte del sistema de archivos manipulando el par\u00e1metro 'artifact_path'. Esta falla puede provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) al sobrescribir archivos cr\u00edticos, como el archivo de configuraci\u00f3n de la aplicaci\u00f3n, especialmente cuando la aplicaci\u00f3n se ejecuta fuera de Docker. La vulnerabilidad est\u00e1 presente en los componentes NFSController.java y NFSService.java de la aplicaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-20xx/CVE-2024-2083.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-2083",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:11.057",
"lastModified": "2024-04-16T00:15:11.057",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de directory traversal en el repositorio zenml-io/zenml, espec\u00edficamente dentro del endpoint /api/v1/steps. Los atacantes pueden aprovechar esta vulnerabilidad manipulando la ruta URI de los 'registros' en la solicitud para recuperar contenido de archivo arbitrario, evitando las restricciones de acceso previstas. La vulnerabilidad surge debido a la falta de validaci\u00f3n de los patrones de directory traversal, lo que permite a los atacantes acceder a archivos fuera del directorio restringido."
}
],
"metrics": {

8
CVE-2024/CVE-2024-222xx/CVE-2024-22262.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-22262",
"sourceIdentifier": "security@vmware.com",
"published": "2024-04-16T06:15:46.270",
"lastModified": "2024-04-16T06:15:46.270",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\n"
},
{
"lang": "es",
"value": "Las aplicaciones que utilizan UriComponentsBuilder para analizar una URL proporcionada externamente (por ejemplo, a trav\u00e9s de un par\u00e1metro de consulta) Y realizan comprobaciones de validaci\u00f3n en el host de la URL analizada pueden ser vulnerables a una redirecci\u00f3n abierta https://cwe.mitre.org/data/definitions/601 .html o a un ataque SSRF si la URL se utiliza despu\u00e9s de pasar las comprobaciones de validaci\u00f3n. Esto es lo mismo que CVE-2024-22259 https://spring.io/security/cve-2024-22259 y CVE-2024-22243 https://spring.io/security/cve-2024-22243, pero con diferentes aporte."
}
],
"metrics": {

4
CVE-2024/CVE-2024-22xx/CVE-2024-2206.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-2206",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-03-27T01:15:46.613",
"lastModified": "2024-03-27T12:29:30.307",
"lastModified": "2024-04-16T12:15:10.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The /proxy route allows a user to proxy arbitrary urls including potential internal endpoints."
"value": "An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-22xx/CVE-2024-2260.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-2260",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:11.237",
"lastModified": "2024-04-16T00:15:11.237",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de reparaci\u00f3n de sesi\u00f3n en la aplicaci\u00f3n zenml-io/zenml, donde los tokens JWT utilizados para la autenticaci\u00f3n del usuario no se invalidan al cerrar sesi\u00f3n. Esta falla permite a un atacante eludir los mecanismos de autenticaci\u00f3n reutilizando el token JWT de la v\u00edctima."
}
],
"metrics": {

8
CVE-2024/CVE-2024-235xx/CVE-2024-23558.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-23558",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-04-15T21:15:07.080",
"lastModified": "2024-04-15T21:15:07.080",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.\n"
},
{
"lang": "es",
"value": "HCL DevOps Deploy/HCL Launch no invalida la sesi\u00f3n despu\u00e9s del cierre de sesi\u00f3n, lo que podr\u00eda permitir que un usuario autenticado se haga pasar por otro usuario en el sistema."
}
],
"metrics": {

8
CVE-2024/CVE-2024-235xx/CVE-2024-23560.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-23560",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-04-15T20:15:10.873",
"lastModified": "2024-04-15T20:15:10.873",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. \n"
},
{
"lang": "es",
"value": "HCL DevOps Deploy/HCL Launch podr\u00eda ser vulnerable a una revocaci\u00f3n incompleta de permisos al eliminar un tipo de recurso de seguridad personalizado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-235xx/CVE-2024-23561.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-23561",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-04-15T21:15:07.243",
"lastModified": "2024-04-15T21:15:07.243",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. \n"
},
{
"lang": "es",
"value": "HCL DevOps Deploy/HCL Launch es afectado por una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n confidencial debido a una ofuscaci\u00f3n insuficiente de los valores confidenciales."
}
],
"metrics": {

8
CVE-2024/CVE-2024-244xx/CVE-2024-24485.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-24485",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.740",
"lastModified": "2024-04-15T19:15:09.740",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to obtain sensitive information via the GET EEP_DATA command."
},
{
"lang": "es",
"value": "Un problema descubierto en silex technology DS-600 Firmware v.1.4.1, permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del comando GET EEP_DATA."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-244xx/CVE-2024-24486.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-24486",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.787",
"lastModified": "2024-04-15T19:15:09.787",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA command."
},
{
"lang": "es",
"value": "Un problema descubierto en silex technology DS-600 Firmware v.1.4.1, permite a un atacante remoto editar la configuraci\u00f3n del dispositivo mediante el comando SAVE EEP_DATA."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-244xx/CVE-2024-24487.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-24487",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.830",
"lastModified": "2024-04-15T19:15:09.830",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packets using the EXEC REBOOT SYSTEM command."
},
{
"lang": "es",
"value": "Un problema descubierto en silex technology DS-600 Firmware v.1.4.1, permite que un atacante remoto provoque una denegaci\u00f3n de servicio a trav\u00e9s de paquetes UDP manipulados utilizando el comando EXEC REBOOT SYSTEM."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-24xx/CVE-2024-2424.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-2424",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-04-15T22:15:08.657",
"lastModified": "2024-04-15T22:15:08.657",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAn input validation vulnerability exists in the Rockwell Automation\u00a05015-AENFTXT that causes the secondary adapter to result in a major nonrecoverable fault (MNRF) when malicious input is entered. If exploited, the availability of the device will be impacted, and a manual restart is required. Additionally, a malformed PTP packet is needed to exploit this vulnerability. \n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de validaci\u00f3n de entrada en Rockwell Automation 5015-AENFTXT que hace que el adaptador secundario genere una falla mayor no recuperable (MNRF) cuando se ingresa una entrada maliciosa. Si se explota, la disponibilidad del dispositivo se ver\u00e1 afectada y ser\u00e1 necesario reiniciarlo manualmente. Adem\u00e1s, se necesita un paquete PTP con formato incorrecto para aprovechar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-277xx/CVE-2024-27794.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-27794",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-04-15T23:15:06.890",
"lastModified": "2024-04-15T23:15:06.890",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login error message on the login page."
},
{
"lang": "es",
"value": "Claris FileMaker Server anterior a la versi\u00f3n 20.3.2 era susceptible a una vulnerabilidad de Cross-Site Scripting reflejada debido a un par\u00e1metro manejado incorrectamente en el endpoint de inicio de sesi\u00f3n de FileMaker WebDirect. La vulnerabilidad se resolvi\u00f3 en FileMaker Server 20.3.2 escapando del contenido HTML del mensaje de error de inicio de sesi\u00f3n en la p\u00e1gina de inicio de sesi\u00f3n."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-285xx/CVE-2024-28556.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-28556",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.870",
"lastModified": "2024-04-15T19:15:09.870",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Sourcecodester php task management system v1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario, escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado en admin-manage-user.php."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-285xx/CVE-2024-28557.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-28557",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.913",
"lastModified": "2024-04-15T19:15:09.913",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Sourcecodester php task management system v1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario, escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado en update-admin.php."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-285xx/CVE-2024-28558.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-28558",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.957",
"lastModified": "2024-04-15T19:15:09.957",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en sourcecodester Petrol pump management software v1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario, escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado en admin/app/web_crud.php."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-29xx/CVE-2024-2912.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-2912",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:11.427",
"lastModified": "2024-04-16T00:15:11.427",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution (RCE) by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is triggered when a serialized object, crafted to execute OS commands upon deserialization, is sent to any valid BentoML endpoint. This issue poses a significant security risk, enabling attackers to compromise the server and potentially gain unauthorized access or control."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de deserializaci\u00f3n insegura en el framework BentoML, que permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) mediante el env\u00edo de una solicitud POST especialmente manipulada. Al explotar esta vulnerabilidad, los atacantes pueden ejecutar comandos arbitrarios en el servidor que aloja la aplicaci\u00f3n BentoML. La vulnerabilidad se activa cuando un objeto serializado, manipulado para ejecutar comandos del sistema operativo tras la deserializaci\u00f3n, se env\u00eda a cualquier endpoint v\u00e1lido de BentoML. Este problema plantea un riesgo de seguridad importante, ya que permite a los atacantes comprometer el servidor y potencialmente obtener acceso o control no autorizados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-305xx/CVE-2024-30567.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-30567",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-16T00:15:11.620",
"lastModified": "2024-04-16T00:15:11.620",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 allows a remote attacker to execute arbitrary code via the Network Troubleshooting functionality."
},
{
"lang": "es",
"value": "Un problema en JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funcionalidad de soluci\u00f3n de problemas de red."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-306xx/CVE-2024-30656.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-30656",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:08.870",
"lastModified": "2024-04-15T22:15:08.870",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 allows attackers to cause a Denial of Service (DoS) via a crafted deauth frame."
},
{
"lang": "es",
"value": "Un problema en Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un frame de autenticaci\u00f3n manipulado."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-308xx/CVE-2024-30840.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-30840",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T20:15:11.030",
"lastModified": "2024-04-15T20:15:11.030",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de pila en Tenda AC15 v15.03.05.18 permite a atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s del par\u00e1metro LISTEN en la funci\u00f3n fromDhcpListClient."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-30xx/CVE-2024-3028.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3028",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:11.667",
"lastModified": "2024-04-16T00:15:11.667",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mintplex-labs/anything-llm is vulnerable to improper input validation, allowing attackers to read and delete arbitrary files on the server. By manipulating the 'logo_filename' parameter in the 'system-preferences' API endpoint, an attacker can construct requests to read sensitive files or the application's '.env' file, and even delete files by setting the 'logo_filename' to the path of the target file and invoking the 'remove-logo' API endpoint. This vulnerability is due to the lack of proper sanitization of user-supplied input."
},
{
"lang": "es",
"value": "mintplex-labs/anything-llm es vulnerable a una validaci\u00f3n de entrada incorrecta, lo que permite a los atacantes leer y eliminar archivos arbitrarios en el servidor. Al manipular el par\u00e1metro 'logo_filename' en el endpoint API 'system-preferences', un atacante puede crear solicitudes para leer archivos confidenciales o el archivo '.env' de la aplicaci\u00f3n, e incluso eliminar archivos configurando 'logo_filename' en la ruta del archivo de destino e invocando el endpoint API 'remove-logo'. Esta vulnerabilidad se debe a la falta de una sanitizaci\u00f3n adecuada de los datos proporcionados por el usuario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-30xx/CVE-2024-3029.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3029",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:11.850",
"lastModified": "2024-04-16T00:15:11.850",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In mintplex-labs/anything-llm, an attacker can exploit improper input validation by sending a malformed JSON payload to the '/system/enable-multi-user' endpoint. This triggers an error that is caught by a catch block, which in turn deletes all users and disables the 'multi_user_mode'. The vulnerability allows an attacker to remove all existing users and potentially create a new admin user without requiring a password, leading to unauthorized access and control over the application."
},
{
"lang": "es",
"value": "En mintplex-labs/anything-llm, un atacante puede aprovechar la validaci\u00f3n de entrada incorrecta enviando un payload JSON con formato incorrecto al endpoint '/system/enable-multi-user'. Esto desencadena un error que es detectado por un bloque catch, que a su vez elimina a todos los usuarios y desactiva el 'multi_user_mode'. La vulnerabilidad permite a un atacante eliminar a todos los usuarios existentes y potencialmente crear un nuevo usuario administrador sin requerir una contrase\u00f1a, lo que genera acceso y control no autorizados sobre la aplicaci\u00f3n."
}
],
"metrics": {

51
CVE-2024/CVE-2024-30xx/CVE-2024-3067.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-3067",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T13:15:11.230",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This can also be used by unauthenticated attackers to inject malicious web scripts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-product-feed-manager/trunk/includes/user-interface/class-wppfm-feed-editor-page.php#L34",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3070663%40wp-product-feed-manager&new=3070663%40wp-product-feed-manager&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37bfb60d-8e2d-4c77-880c-3d17a6a434b8?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-314xx/CVE-2024-31497.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31497",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T20:15:11.077",
"lastModified": "2024-04-15T23:15:06.950",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
},
{
"lang": "es",
"value": "En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31634.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31634",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-16T04:15:08.463",
"lastModified": "2024-04-16T04:15:08.463",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Xunruicms versions 4.6.3 and before, allows remote attacker to execute arbitrary code via the Security.php file in the catalog \\XunRuiCMS\\dayrui\\Fcms\\Library."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en Xunruicms versiones 4.6.3 y anteriores, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del archivo Security.php en el cat\u00e1logo \\XunRuiCMS\\dayrui\\Fcms\\Library."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31648.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31648",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.503",
"lastModified": "2024-04-15T21:15:07.503",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/new_category2."
},
{
"lang": "es",
"value": "Cross Site Scripting (XSS) en Insurance Management System v1.0, permite a atacantes remotos ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre de categor\u00eda en /core/new_category2."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31649.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31649",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.547",
"lastModified": "2024-04-15T21:15:07.547",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter."
},
{
"lang": "es",
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre del producto."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31650.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31650",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.593",
"lastModified": "2024-04-15T21:15:07.593",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter."
},
{
"lang": "es",
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Apellido."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31651.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31651",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:09.023",
"lastModified": "2024-04-15T22:15:09.023",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter."
},
{
"lang": "es",
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-316xx/CVE-2024-31652.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31652",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.637",
"lastModified": "2024-04-15T21:15:07.637",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter."
},
{
"lang": "es",
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de b\u00fasqueda."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-317xx/CVE-2024-31783.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31783",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-16T04:15:09.140",
"lastModified": "2024-04-16T04:15:09.140",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Typora v.1.6.7 and before, allows a local attacker to obtain sensitive information via a crafted script during markdown file creation."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross-Site Scripting (XSS) en Typora v.1.6.7 y anteriores permite a un atacante local obtener informaci\u00f3n confidencial a trav\u00e9s de una secuencia de comandos manipulada durante la creaci\u00f3n del archivo de rebajas."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-317xx/CVE-2024-31784.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31784",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-16T04:15:09.200",
"lastModified": "2024-04-16T04:15:09.200",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the src component."
},
{
"lang": "es",
"value": "Un problema en Typora v.1.8.10 y anteriores permite a un atacante local obtener informaci\u00f3n confidencial y ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el componente src."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-319xx/CVE-2024-31990.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31990",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-15T20:15:11.127",
"lastModified": "2024-04-15T20:15:11.127",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.\n"
},
{
"lang": "es",
"value": "Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. El servidor API no aplica los espacios de nombres de origen del proyecto, lo que permite a los atacantes usar la interfaz de usuario para editar recursos que solo deber\u00edan poder modificarse a trav\u00e9s de gitops. Esta vulnerabilidad se corrigi\u00f3 en 2.10.7, 2.9.12 y 2.8.16."
}
],
"metrics": {

4
CVE-2024/CVE-2024-31xx/CVE-2024-3135.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-3135",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-01T19:15:46.257",
"lastModified": "2024-04-02T12:50:42.233",
"lastModified": "2024-04-16T12:15:10.367",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The web server lacked CSRF tokens allowing an attacker to host malicious JavaScript on a host that when visited by a LocalAI user, could allow the attacker to fill disk space to deny service or abuse credits."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers to exhaust system resources, consume credits, and fill disk space by making numerous resource-intensive API calls, such as generating images or uploading files. The vulnerability stems from the application's acceptance of simple request content-types without requiring CSRF tokens or implementing other CSRF mitigation measures. Successful exploitation does not require network access to the vulnerable LocalAI environment."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-320xx/CVE-2024-32035.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32035",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-15T20:15:11.323",
"lastModified": "2024-04-15T20:15:11.323",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on ImageSharp for image processing tasks. Users and administrators are advised to update to the latest version of ImageSharp that addresses this vulnerability to mitigate the risk of exploitation. The problem has been patched in v3.1.4 and v2.1.8."
},
{
"lang": "es",
"value": "ImageSharp es una API de gr\u00e1ficos 2D. Una vulnerabilidad descubierta en la librer\u00eda ImageSharp, donde el procesamiento de archivos especialmente manipulados puede provocar un uso excesivo de memoria en los decodificadores de im\u00e1genes. La vulnerabilidad se activa cuando ImageSharp intenta procesar archivos de imagen manipulados para explotar esta falla. Esta falla puede explotarse para provocar una denegaci\u00f3n de servicio (DoS) al agotar la memoria del proceso, afectando as\u00ed a las aplicaciones y servicios que dependen de ImageSharp para las tareas de procesamiento de im\u00e1genes. Se recomienda a los usuarios y administradores que actualicen a la \u00faltima versi\u00f3n de ImageSharp que solucione esta vulnerabilidad para mitigar el riesgo de explotaci\u00f3n. El problema se solucion\u00f3 en v3.1.4 y v2.1.8."
}
],
"metrics": {

8
CVE-2024/CVE-2024-320xx/CVE-2024-32036.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32036",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-15T20:15:11.543",
"lastModified": "2024-04-15T20:15:11.543",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ImageSharp is a 2D graphics API. A heap-use-after-free flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to ImageSharp for conversion, potentially leading to information disclosure. The problem has been patched in v3.1.4 and v2.1.8."
},
{
"lang": "es",
"value": "ImageSharp es una API de gr\u00e1ficos 2D. Se encontr\u00f3 una falla de heap-use-after-free en los decodificadores JPEG y TGA de ImageSharp. Esta vulnerabilidad se activa cuando un atacante pasa un archivo de imagen JPEG o TGA especialmente manipulado a ImageSharp para su conversi\u00f3n, lo que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n. El problema se solucion\u00f3 en v3.1.4 y v2.1.8."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32557.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32557",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-16T07:15:12.030",
"lastModified": "2024-04-16T07:15:12.030",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Exclusive Addons Exclusive Addons Elementor permite almacenar XSS. Este problema afecta a Elementor de complementos exclusivos: desde n/a hasta 2.6.9.2."
}
],
"metrics": {

8
CVE-2024/CVE-2024-326xx/CVE-2024-32625.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32625",
"sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
"published": "2024-04-16T09:15:07.167",
"lastModified": "2024-04-16T09:15:07.167",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations"
},
{
"lang": "es",
"value": "En OffloadAMRWriter, un campo escalar no se inicializa, por lo que contendr\u00e1 un valor arbitrario sobrante de c\u00e1lculos anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-326xx/CVE-2024-32631.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32631",
"sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
"published": "2024-04-16T09:15:07.900",
"lastModified": "2024-04-16T09:15:07.900",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations."
},
{
"lang": "es",
"value": "Los l\u00edmites le\u00eddos en ciCCIOTOPT en ASR180X provocar\u00e1n c\u00e1lculos incorrectos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-326xx/CVE-2024-32632.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32632",
"sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
"published": "2024-04-16T09:15:08.080",
"lastModified": "2024-04-16T09:15:08.080",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access"
},
{
"lang": "es",
"value": "Printf malinterpretar\u00e1 un valor en ATCMD, lo que provocar\u00e1 una salida incorrecta y posiblemente un acceso a la memoria fuera de los l\u00edmites."
}
],
"metrics": {

8
CVE-2024/CVE-2024-326xx/CVE-2024-32633.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32633",
"sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
"published": "2024-04-16T09:15:08.260",
"lastModified": "2024-04-16T09:15:08.260",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way."
},
{
"lang": "es",
"value": "Un valor sin signo nunca puede ser negativo, por lo que la prueba de disco completo de eMMC siempre se evaluar\u00e1 de la misma manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-326xx/CVE-2024-32634.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32634",
"sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
"published": "2024-04-16T09:15:08.460",
"lastModified": "2024-04-16T09:15:08.460",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In huge memory get unmapped area check, code can never be reached because of a logical contradiction. "
},
{
"lang": "es",
"value": "En una memoria enorme, se verifica el \u00e1rea no asignada, nunca se puede acceder al c\u00f3digo debido a una contradicci\u00f3n l\u00f3gica."
}
],
"metrics": {

51
CVE-2024/CVE-2024-32xx/CVE-2024-3243.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-3243",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T13:15:11.400",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the send_test_email() function in all versions up to, and including, 5.46.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to send arbitrary test emails."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/settings/class-cr-settings-review-discount.php#L506",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3069811/customer-reviews-woocommerce/trunk/includes/settings/class-cr-settings-review-discount.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a0e80e63-f4f7-44cc-ae29-72e7847d7448?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-32xx/CVE-2024-3271.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3271",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.017",
"lastModified": "2024-04-16T00:15:12.017",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by crafting input that does not contain an underscore but still results in the execution of OS commands. The vulnerability allows for remote code execution (RCE) on the server hosting the application."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el repositorio run-llama/llama_index, espec\u00edficamente dentro de la funci\u00f3n safe_eval. Los atacantes pueden eludir el mecanismo de seguridad previsto, que comprueba la presencia de guiones bajos en el c\u00f3digo generado por LLM, para ejecutar c\u00f3digo arbitrario. Esto se logra elaborando entradas que no contienen guiones bajos pero que aun as\u00ed dan como resultado la ejecuci\u00f3n de comandos del sistema operativo. La vulnerabilidad permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) en el servidor que aloja la aplicaci\u00f3n."
}
],
"metrics": {

55
CVE-2024/CVE-2024-33xx/CVE-2024-3367.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-3367",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-04-16T12:15:10.463",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5 allows local attacker to inject one argument to runmqsc"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-349"
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16615",
"source": "security@checkmk.com"
}
]
}

8
CVE-2024/CVE-2024-34xx/CVE-2024-3493.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3493",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-04-15T22:15:09.073",
"lastModified": "2024-04-15T22:15:09.073",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"
},
{
"lang": "es",
"value": "Un tipo de paquete fragmentado con formato incorrecto espec\u00edfico (los dispositivos que env\u00edan grandes cantidades de datos pueden generar paquetes fragmentados autom\u00e1ticamente) puede causar una falla mayor no recuperable (MNRF) en ControlLogix 5580, Guard Logix 5580, CompactLogix 5380 y 1756-EN4TR de Rockwell Automation. Si se explota, el producto afectado dejar\u00e1 de estar disponible y requerir\u00e1 un reinicio manual para recuperarlo. Adem\u00e1s, un MNRF podr\u00eda provocar una p\u00e9rdida de visi\u00f3n y/o control de los dispositivos conectados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-35xx/CVE-2024-3571.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3571",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.203",
"lastModified": "2024-04-16T00:15:12.203",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories."
},
{
"lang": "es",
"value": "langchain-ai/langchain es vulnerable al path traversal debido a una limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") en su funcionalidad LocalFileStore. Un atacante puede aprovechar esta vulnerabilidad para leer o escribir archivos en cualquier parte del sistema de archivos, lo que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n o la ejecuci\u00f3n remota de c\u00f3digo. El problema radica en el manejo de las rutas de los archivos en los m\u00e9todos mset y mget, donde la entrada proporcionada por el usuario no se sanitiza adecuadamente, lo que permite que las secuencias de directory traversal lleguen a directorios no deseados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-35xx/CVE-2024-3572.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3572",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.387",
"lastModified": "2024-04-16T00:15:12.387",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The scrapy/scrapy project is vulnerable to XML External Entity (XXE) attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, or circumvent firewalls by submitting specially crafted XML data. "
},
{
"lang": "es",
"value": "El proyecto scrapy/scrapy es vulnerable a ataques de entidades externas XML (XXE) debido al uso de lxml.etree.fromstring para analizar datos XML que no son de confianza sin la validaci\u00f3n adecuada. Esta vulnerabilidad permite a los atacantes realizar ataques de denegaci\u00f3n de servicio, acceder a archivos locales, generar conexiones de red o eludir firewalls enviando datos XML especialmente manipulados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-35xx/CVE-2024-3573.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3573",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.570",
"lastModified": "2024-04-16T00:15:12.570",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root."
},
{
"lang": "es",
"value": "mlflow/mlflow es vulnerable a la inclusi\u00f3n de archivos locales (LFI) debido a un an\u00e1lisis inadecuado de los URI, lo que permite a los atacantes eludir las comprobaciones y leer archivos arbitrarios en el sistema. El problema surge de la falla de la funci\u00f3n 'is_local_uri' para manejar adecuadamente los URI con esquemas vac\u00edos o de 'archivo', lo que lleva a la clasificaci\u00f3n err\u00f3nea de los URI como no locales. Los atacantes pueden aprovechar esto creando versiones de modelos maliciosos con par\u00e1metros de \"fuente\" especialmente manipulados, lo que permite la lectura de archivos confidenciales dentro de al menos dos niveles de directorio desde la ra\u00edz del servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-35xx/CVE-2024-3574.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3574",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.750",
"lastModified": "2024-04-16T00:15:12.750",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In scrapy version 2.10.1, an issue was identified where the Authorization header, containing credentials for server authentication, is leaked to a third-party site during a cross-domain redirect. This vulnerability arises from the failure to remove the Authorization header when redirecting across domains. The exposure of the Authorization header to unauthorized actors could potentially allow for account hijacking."
},
{
"lang": "es",
"value": "En la versi\u00f3n 2.10.1 de scrapy, se identific\u00f3 un problema por el cual el encabezado de Autorizaci\u00f3n, que contiene las credenciales para la autenticaci\u00f3n del servidor, se filtra a un sitio de terceros durante una redirecci\u00f3n entre dominios. Esta vulnerabilidad surge de no eliminar el encabezado de Autorizaci\u00f3n al redireccionar entre dominios. La exposici\u00f3n del encabezado de Autorizaci\u00f3n a actores no autorizados podr\u00eda permitir el secuestro de cuentas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-35xx/CVE-2024-3575.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3575",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:12.930",
"lastModified": "2024-04-16T00:15:12.930",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in mindsdb/mindsdb"
},
{
"lang": "es",
"value": "Cross-Site Scripting (XSS): almacenado en mindsdb/mindsdb"
}
],
"metrics": {

47
CVE-2024/CVE-2024-36xx/CVE-2024-3672.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3672",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T13:15:11.573",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'all-items' shortcode in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping on user supplied attributes such as 'classes'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3070808%40ba-book-everything&new=3070808%40ba-book-everything&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0ce06d3-491e-4565-8b26-f33937aee3e8?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-38xx/CVE-2024-3803.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3803",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-15T19:15:10.000",
"lastModified": "2024-04-15T19:15:10.000",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Vesystem Cloud Desktop up to 20240408. This vulnerability affects unknown code of the file /Public/webuploader/0.1.5/server/fileupload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Vesystem Cloud Desktop hasta 20240408 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /Public/webuploader/0.1.5/server/fileupload.php. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-260776. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-38xx/CVE-2024-3804.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3804",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-15T20:15:11.750",
"lastModified": "2024-04-15T20:15:11.750",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Vesystem Cloud Desktop up to 20240408. This issue affects some unknown processing of the file /Public/webuploader/0.1.5/server/fileupload2.php. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como cr\u00edtica ha sido encontrada en Vesystem Cloud Desktop hasta 20240408. Este problema afecta a un procesamiento desconocido del archivo /Public/webuploader/0.1.5/server/fileupload2.php. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-260777. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

4
CVE-2024/CVE-2024-38xx/CVE-2024-3867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3867",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T10:15:08.163",
"lastModified": "2024-04-16T10:15:08.163",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

51
CVE-2024/CVE-2024-38xx/CVE-2024-3869.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-3869",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-16T13:15:11.737",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'woocommerce_json_search_coupons' function . This makes it possible for attackers with subscriber level access to view coupon codes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/settings/class-cr-settings-review-discount.php#L470",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3069811/customer-reviews-woocommerce/trunk/includes/settings/class-cr-settings-review-discount.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/881e8096-e75f-49a7-87ed-c230e93ea378?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-38xx/CVE-2024-3871.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3871",
"sourceIdentifier": "research@onekey.com",
"published": "2024-04-16T09:15:08.630",
"lastModified": "2024-04-16T09:15:08.630",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements two features\u00a0(access control lists management, WPS pin setup) that are affected by command injections and stack overflows vulnerabilities.\nSuccessful exploitation of these flaws would allow remote authenticated attackers to gain remote command execution with\u00a0elevated privileges on the affected devices.\n\nThis issue affects DVW-W02W2-E2 through version 2.5.2.\n\n"
},
{
"lang": "es",
"value": "Los dispositivos Delta Electronics DVW-W02W2-E2 exponen una interfaz de administraci\u00f3n web a los usuarios. Esta interfaz implementa dos funciones (administraci\u00f3n de listas de control de acceso, configuraci\u00f3n de pines WPS) que se ven afectadas por inyecciones de comandos y vulnerabilidades de desbordamiento de pila. La explotaci\u00f3n exitosa de estas fallas permitir\u00eda a atacantes autenticados remotamente obtener la ejecuci\u00f3n remota de comandos con privilegios elevados en los dispositivos afectados. Este problema afecta a DVW-W02W2-E2 hasta la versi\u00f3n 2.5.2."
}
],
"metrics": {

8
CVE-2024/CVE-2024-38xx/CVE-2024-3872.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-3872",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-04-16T09:15:08.817",
"lastModified": "2024-04-16T09:15:08.817",
"vulnStatus": "Received",
"lastModified": "2024-04-16T13:24:07.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link.\n\n"
},
{
"lang": "es",
"value": "Las versiones 2.13.0 y anteriores de la aplicaci\u00f3n Mattermost Mobile utilizan una expresi\u00f3n regular con complejidad polin\u00f3mica para analizar ciertos enlaces profundos, lo que permite a un atacante remoto no autenticado congelar o bloquear la aplicaci\u00f3n a trav\u00e9s de un enlace largo creado con fines malintencionados."
}
],
"metrics": {

43
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-16T12:00:37.616877+00:00
2024-04-16T14:00:39.549011+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-16T10:15:08.163000+00:00
2024-04-16T13:24:07.103000+00:00
```
### Last Data Feed Release
@ -33,22 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
245689
245694
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `5`
- [CVE-2024-1357](CVE-2024/CVE-2024-13xx/CVE-2024-1357.json) (`2024-04-16T10:15:07.273`)
- [CVE-2024-3867](CVE-2024/CVE-2024-38xx/CVE-2024-3867.json) (`2024-04-16T10:15:08.163`)
- [CVE-2024-3067](CVE-2024/CVE-2024-30xx/CVE-2024-3067.json) (`2024-04-16T13:15:11.230`)
- [CVE-2024-3243](CVE-2024/CVE-2024-32xx/CVE-2024-3243.json) (`2024-04-16T13:15:11.400`)
- [CVE-2024-3367](CVE-2024/CVE-2024-33xx/CVE-2024-3367.json) (`2024-04-16T12:15:10.463`)
- [CVE-2024-3672](CVE-2024/CVE-2024-36xx/CVE-2024-3672.json) (`2024-04-16T13:15:11.573`)
- [CVE-2024-3869](CVE-2024/CVE-2024-38xx/CVE-2024-3869.json) (`2024-04-16T13:15:11.737`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `87`
- [CVE-2024-28834](CVE-2024/CVE-2024-288xx/CVE-2024-28834.json) (`2024-04-16T10:15:08.023`)
- [CVE-2024-31651](CVE-2024/CVE-2024-316xx/CVE-2024-31651.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-31652](CVE-2024/CVE-2024-316xx/CVE-2024-31652.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-31783](CVE-2024/CVE-2024-317xx/CVE-2024-31783.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-31784](CVE-2024/CVE-2024-317xx/CVE-2024-31784.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-31990](CVE-2024/CVE-2024-319xx/CVE-2024-31990.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32035](CVE-2024/CVE-2024-320xx/CVE-2024-32035.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32036](CVE-2024/CVE-2024-320xx/CVE-2024-32036.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32557](CVE-2024/CVE-2024-325xx/CVE-2024-32557.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32625](CVE-2024/CVE-2024-326xx/CVE-2024-32625.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32631](CVE-2024/CVE-2024-326xx/CVE-2024-32631.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32632](CVE-2024/CVE-2024-326xx/CVE-2024-32632.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32633](CVE-2024/CVE-2024-326xx/CVE-2024-32633.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-32634](CVE-2024/CVE-2024-326xx/CVE-2024-32634.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3271](CVE-2024/CVE-2024-32xx/CVE-2024-3271.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3493](CVE-2024/CVE-2024-34xx/CVE-2024-3493.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3571](CVE-2024/CVE-2024-35xx/CVE-2024-3571.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3572](CVE-2024/CVE-2024-35xx/CVE-2024-3572.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3573](CVE-2024/CVE-2024-35xx/CVE-2024-3573.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3574](CVE-2024/CVE-2024-35xx/CVE-2024-3574.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3575](CVE-2024/CVE-2024-35xx/CVE-2024-3575.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3803](CVE-2024/CVE-2024-38xx/CVE-2024-3803.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3804](CVE-2024/CVE-2024-38xx/CVE-2024-3804.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3867](CVE-2024/CVE-2024-38xx/CVE-2024-3867.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3871](CVE-2024/CVE-2024-38xx/CVE-2024-3871.json) (`2024-04-16T13:24:07.103`)
- [CVE-2024-3872](CVE-2024/CVE-2024-38xx/CVE-2024-3872.json) (`2024-04-16T13:24:07.103`)
## Download and Usage

181
_state.csv
View File

@ -153263,9 +153263,9 @@ CVE-2020-22524,0,0,d223c918a9e40f02c98fa96a7c1227e50448daabfb47b51bb99a61ba75d19
CVE-2020-2253,0,0,9e7a975dfb632d671244bc460a0f18fa733410dc7c7cc49ddd16ac3918e30941,2023-10-25T18:16:39.320000
CVE-2020-22533,0,0,c0df4453440eceb8364f05129759f1dd36960011b6db513ee7c8c3190e1ad9e5,2023-04-10T19:17:46.887000
CVE-2020-22535,0,0,b136010f4871055238df5e297192a1f29d418cc573899fc383cd46da663a725d,2021-07-13T18:58:42.140000
CVE-2020-22539,0,0,be76647cc8c84a0fc0596b0e20318b9e59570cd3119736a319a9a59dc2267326,2024-04-15T22:15:07.620000
CVE-2020-22539,0,1,2680998952c9f04298ab9361aee13d635719761435f659dd04e3f02eef1bf3f0,2024-04-16T13:24:07.103000
CVE-2020-2254,0,0,1050f9f4fea9d4094af3458e14b0d0bc3fe4101cc3ec4b0ccbf561c5b1735d35,2023-10-25T18:16:39.377000
CVE-2020-22540,0,0,40392e183b4637d63850d14d35083cda3e7353dc519fbc81e49acbbb7b1be193,2024-04-15T23:15:06.730000
CVE-2020-22540,0,1,1677dc8594ae96dd80073b3a3c3d044cb3685c170c7479cc3ab79a7bf8bfb3fe,2024-04-16T13:24:07.103000
CVE-2020-2255,0,0,b0f5d0b2c67f81d4bbaabca28feaecb4a54966dce1e91f650f211cd1611e877c,2023-10-25T18:16:39.430000
CVE-2020-22550,0,0,2f0dfdef9c3de0287094b7070c5b626bb5590a3c10a3adb7f67ddab2ea97e573,2021-01-06T20:18:38.987000
CVE-2020-22552,0,0,a9d02e01746f298f35c1914e9eab118a371e84f62ba213e194a41f96c8287369,2024-02-14T01:17:43.863000
@ -224271,7 +224271,7 @@ CVE-2023-33799,0,0,305cd11e82407e2f1418594c912c51575ced497a8d726d0116c463448bcfd
CVE-2023-3380,0,0,09eb100a7535a76c1c42c61f8811933306ce601f0a1f109a4d7524a88fe8d40a,2024-04-11T01:21:09.573000
CVE-2023-33800,0,0,a5ab1b33268aa3f3ad82ea9ce8a47dd6283c4edb8a31e8eec446c8d42c7259ed,2024-02-02T13:54:55.517000
CVE-2023-33802,0,0,d991e125c81c3c6955766a3a1ec05d945fde44c022637cfee43e882cf26c16bd,2023-08-01T20:51:21.320000
CVE-2023-33806,0,0,8ce7a797661fed2636e67c035b9666a9950876e75c9e5d537c33b3bb03230b05,2024-04-15T23:15:06.837000
CVE-2023-33806,0,1,e015196f1fdfc0af72f8382466acd711eec84d36bb1851487ccea34c87bae00a,2024-04-16T13:24:07.103000
CVE-2023-3381,0,0,2f7c206f10d9c2981f7574302382ea3929835c02c5df65d92de04adab1f9b54b,2024-04-11T01:21:09.670000
CVE-2023-33817,0,0,092d281565dcdaad14414ae45eebee5d28e27224f7701e924566c603397c3e01,2023-06-17T03:12:09.227000
CVE-2023-3382,0,0,529d2715bd649c1c308143b28b8144512df6fe3b7bab2e177bcde37bfb640e26,2024-04-11T01:21:09.760000
@ -231940,7 +231940,7 @@ CVE-2023-4549,0,0,b164d449c6b81a3ba54bde28f0ec7071af2fdcf217bea524f7877136e980fc
CVE-2023-45498,0,0,9fbea6578e0361be6c913fd33d87683bc8a582dc6b0a40c1eeaf22c1f0c54536,2023-12-21T15:15:08.843000
CVE-2023-45499,0,0,4c6e1c9276308156f5b73e70c61b8b53efa5eb1fb4dd49f0564fe499bfa4ecfa,2023-12-21T15:15:08.953000
CVE-2023-4550,0,0,2558ec86a68b1e966b280fd5689de5b0e0dec885828a33b7c99ef2b68fefebe4,2024-02-05T18:30:53.983000
CVE-2023-45503,0,0,436702f218110a4ecce9a2951479ce70dc0157a4809da9f1716138be0192df26,2024-04-15T20:15:10.777000
CVE-2023-45503,0,1,4df40562aee2aa65fceb2b00069d8a31cd7d2431617cb2e58cec300c608abac9,2024-04-16T13:24:07.103000
CVE-2023-4551,0,0,bc996734c23bb18ec96cde93f9df4175d62275280a68c371db2ca9a4582785c5,2024-02-05T22:02:02.550000
CVE-2023-45510,0,0,06fbbdc3ed25dd49181b4327c102ec5156dcee2f99d26874dac1fc542b46a9d9,2023-10-18T13:00:07.247000
CVE-2023-45511,0,0,40ff41c6d703d21f217daded71ce4617b7f20d1c3608cafd7b090832d8a74981,2023-10-18T12:59:41.747000
@ -237238,7 +237238,7 @@ CVE-2023-6034,0,0,09c321c8120ec1a33e5dcc10b54ef8bb1787bc881466a10031781146c8b31f
CVE-2023-6035,0,0,239e061af4707986f4101697bf3cb409215d9a36ae84324505bfb96e1d5fb1db,2023-12-13T17:26:18.047000
CVE-2023-6036,0,0,377d1951c712c44402e0fb4a4d3bf0b5dc6e021ccc04a9002babfefc0b3d43f9,2024-02-12T17:31:21.670000
CVE-2023-6037,0,0,9ad67aeb9ce80222dd0e1c0dda89b29a9b700cafc97e94472829da8bfe1775a6,2024-01-08T15:06:29.210000
CVE-2023-6038,0,0,3c92b5b1816084b47a1d42042b52a4cbf2480e30b74b558fd1656e6b5e174dd8,2024-02-08T10:15:10.703000
CVE-2023-6038,0,1,3b2e7c0ee82b5b76f2800397f8eafd4e505a4dff525a1418c91b64a879bf4775,2024-04-16T12:15:08.780000
CVE-2023-6039,0,0,b215edb2a36ba791315cad08416e505994ddd28bde33357245442ca89eb29a3c,2023-11-16T17:59:48.420000
CVE-2023-6040,0,0,58594f6bf20a9f3224d49065ab088edc1e703fab7ec15836e864cb0482668345,2024-02-08T16:15:46.600000
CVE-2023-6042,0,0,875c2be9809d61d15b7e95eaa15e65feced880e3c081ed58decdf5ccf4455443,2024-01-11T19:57:29.590000
@ -237675,7 +237675,7 @@ CVE-2023-6564,0,0,c826562542a8a23a07bd1ef5a48ee0e001d214874c7d38cd57b8bb73919126
CVE-2023-6565,0,0,7b5b2b86351ad0fc8a6adc1c9eb2b8930d362aa41bb35a754ac3a501666ba9f9,2024-02-29T13:49:47.277000
CVE-2023-6566,0,0,12b1a3550020f6348cc6c6f999927af391bd2cf553bcd8f1029608dbe3f8afd4,2023-12-12T15:54:28.520000
CVE-2023-6567,0,0,c4ab1076a2bcd783e14522f9d2f7372b479fd870320c43a1887fbb3ce346e041,2024-01-17T18:46:59.213000
CVE-2023-6568,0,0,35b32d9784792b646685563427df978818e6e6e67afb580e23295360349c30b1,2023-12-09T04:51:50.623000
CVE-2023-6568,0,1,934ce8273d4133a0b446a41d3323bb11ce5ddd41f83ef69e898f2673eb3cdcbf,2024-04-16T12:15:08.957000
CVE-2023-6569,0,0,62450388d512c008ae936c8eff95e10efe40e7e5b03345b7c2897c9350cbcb20,2023-12-18T20:14:18.327000
CVE-2023-6570,0,0,b00a0a828373b329ff13c1081435ce9a784e88312c4836aaead8d62f13900266,2023-12-18T20:13:39.747000
CVE-2023-6571,0,0,2971c4d2df818f02c3c10c0bc2d28d16e444f4c8b2d97bf16dbde3b66f239008,2023-12-18T20:12:18.817000
@ -238494,7 +238494,7 @@ CVE-2024-0399,0,0,f9efd00d0c28d2f5fd7844014ccf20e6de83c83ab3d0467105e159f94efa80
CVE-2024-0400,0,0,18035b4484267a537c15645ebee53285fc55ae5559f980b5f9795ec2795f24dd,2024-03-27T12:29:30.307000
CVE-2024-0402,0,0,2fe1b596353be20e61cfde75d3fd6588203ea2d19b7c21e2ce1c5a9ecc57cc90,2024-01-31T18:34:47.867000
CVE-2024-0403,0,0,ba0983060e2034b216b25cd26ed2bb024a7850bc1fcd95abc9a090d5040f7805,2024-03-01T14:04:26.010000
CVE-2024-0404,0,0,439e6573cc8ef187b7ac5beef096226d13bb0014030952d16a024d248f13c71b,2024-04-16T00:15:07.387000
CVE-2024-0404,0,1,f66e4aae55250898f4ea41fe8e33c7b9d8158214afcab6aefc212b1ddf85c6ae,2024-04-16T13:24:07.103000
CVE-2024-0405,0,0,efdadcc35fc4ed87224ff4e930a96f9ee86e8b4ccb1a79f084616e91b90070e3,2024-01-24T17:23:09.773000
CVE-2024-0406,0,0,4de5d4ab88b41346d6a48c20921cbb8ae5c4852e44406dfa1d2b986bdcdbe033,2024-04-08T18:48:40.217000
CVE-2024-0407,0,0,f3bc2895be8ea5b6951b82e45fc670b2af282e8da3ab8846004c7a5f8a8e92ad,2024-02-22T19:07:37.840000
@ -238626,7 +238626,7 @@ CVE-2024-0545,0,0,33f9c06bf07e44e4b274747ed2f9c0a5862da94624965e6aedfe68f1264dd6
CVE-2024-0546,0,0,c0fce79f04249df091783752857079bce441eed36bda246ec025e0166b9f98fa,2024-04-11T01:24:02.513000
CVE-2024-0547,0,0,62b9962e2236cea9a69c6737ec876e1173f6c43092fdf3150278c5a410b519d5,2024-04-11T01:24:02.603000
CVE-2024-0548,0,0,89f142f7b0201ff3d0f6f67de9991d28a4332c556639fc5105a3d076d50a693e,2024-04-11T01:24:02.697000
CVE-2024-0549,0,0,eb221ac1f40a885841c2b7d570084214a25f859c805069981ab353178d6cdbf3,2024-04-16T00:15:07.603000
CVE-2024-0549,0,1,488f5582d963dac043702fa5017f9c33f84ef6603e836b233edcf553f66f0309,2024-04-16T13:24:07.103000
CVE-2024-0550,0,0,8d977de657073865c788c3a2c5f9e4e3f64456f8b73b63da114e244f4c4b442e,2024-02-28T14:06:45.783000
CVE-2024-0551,0,0,2b91cbbed6a2082f9e57a9fec5e442f0a040393a6b881ae515635ac2821da912,2024-02-27T14:19:41.650000
CVE-2024-0552,0,0,cb39895c5b0e747125001c9ad52f066ef8fb141fe496b45dac067f5c5920590c,2024-01-23T19:34:05.483000
@ -238844,7 +238844,7 @@ CVE-2024-0794,0,0,36986248b7c9d8425e7fabba0d9325944fe0eea86bc965d5055adaa302764b
CVE-2024-0795,0,0,f976ab88704d78f6d7f1dd53910b66051a926108f5a3a57a9054259d669d3e7f,2024-03-04T13:58:23.447000
CVE-2024-0796,0,0,117654d8458e901616b5dcc51586c0e623b4d624a6f0f01cf88de01da401d097,2024-02-13T19:40:50.223000
CVE-2024-0797,0,0,009aa845f9ae5bde1b4c5995aa015349e7f6ec6f8f0f63bfb450e718f9300e52,2024-02-13T19:40:35.397000
CVE-2024-0798,0,0,ba23652ce73c9b8c244a7681efb184c4b56b5235b10f3fd8e342e4d0ca961b20,2024-02-26T16:32:25.577000
CVE-2024-0798,0,1,3380dadd215e54305a2e2c3afbeebf75c115fdd510e021bcd2ef9ec04691ed7a,2024-04-16T12:15:09.113000
CVE-2024-0799,0,0,565bc32cefccc7b54c8a2a9ae87b575853af295d8bcf02c26770d29b4f9124c3,2024-03-14T12:52:21.763000
CVE-2024-0800,0,0,d01951efcbc246e656d94cfc618f67e25f655df800a6a24c24ab44bafa9ef9ed,2024-03-14T12:52:21.763000
CVE-2024-0801,0,0,a89dd8886cf81b019461340c433bdec2c4bcb02d2b385117b1316445faec54f0,2024-03-14T12:52:21.763000
@ -239119,7 +239119,7 @@ CVE-2024-1128,0,0,a231b73c645395e365defb40ca5d41741520485dac9e62df464e6e1705f68d
CVE-2024-1129,0,0,efcf801aad96aab23ddf4c5c1c7fe067759cd524a5f540fb4b3132cd808f2d93,2024-02-29T13:49:29.390000
CVE-2024-1130,0,0,19b9a2e3e227bc6e3d85f9dd98bd15cfd41c18a2ee1bc79c328385d5148fea32,2024-02-29T13:49:29.390000
CVE-2024-1133,0,0,85f4bf6d861639f9431d20ab28a51d2af9f3a3ecb32590788260710816d3a125,2024-02-29T13:49:29.390000
CVE-2024-1135,0,0,73baee14d2364dcf13b5e638d837e4806053f270015f5601fa2de00fb4bab507,2024-04-16T00:15:07.797000
CVE-2024-1135,0,1,c3a236c5c6957ecdd6613fef5a4b8da5800083256e79cbf6170c74e433eeb19d,2024-04-16T13:24:07.103000
CVE-2024-1136,0,0,609070256c4defa988e1113275bf8273fe15f50574e00ed3dcfde13143e471cc,2024-02-28T14:06:45.783000
CVE-2024-1137,0,0,9f8c1cf74ca4778ab709faeea998997368a7f042480977a7d6535f2dd892d7f7,2024-03-13T12:33:51.697000
CVE-2024-1138,0,0,0bb26866b03e9dd351d8284004467140fe2cfdfbd72af071fda864e5a2dc9e58,2024-03-13T12:33:51.697000
@ -239156,7 +239156,7 @@ CVE-2024-1178,0,0,1d79d2baf0c52babf00a18f14ce6291cb7fba70afba005e5722ced55b2d8af
CVE-2024-1179,0,0,021c629d3779737b7d82b050f297fa166d2dce17da45eec990d84ef3164da439,2024-04-02T12:50:42.233000
CVE-2024-1180,0,0,67cc918e7b225376383a234e7a182443eae07c7dc034d299d9771cc94c55c9b6,2024-04-03T17:24:18.150000
CVE-2024-1181,0,0,3878a855f0577e7ef140d59905a2ce6431a946183d23ae64dcb6feffc50f80bc,2024-03-20T13:00:16.367000
CVE-2024-1183,0,0,73bb0a4075dc21e9373580e3baa50353b5bacace9ae7c3e40b48dfde4b4c87bf,2024-04-16T00:15:07.990000
CVE-2024-1183,0,1,ad3d5dd53b834e77fe27d619baf926c439310129c1f2f0d669e6120516ae79a3,2024-04-16T13:24:07.103000
CVE-2024-1184,0,0,bbff1860a1cea45a3ec3908345b659da42115cd6d1e536731f804f61974d7041,2024-04-11T01:24:21.490000
CVE-2024-1185,0,0,551d47d9e7032d4f38d79a26340f74929b3ea08873a82e6bc73a68b1426c3039,2024-04-11T01:24:21.583000
CVE-2024-1186,0,0,1e79be3a06e02687b9a0270f7cd0412b0705cde36613d995bd562cb61d2c4c35,2024-04-11T01:24:21.673000
@ -239301,7 +239301,7 @@ CVE-2024-1353,0,0,7dc4bcc56a6ab6ae775b6111486ce2b2e99fc200a3863d36a2e31e24dc0d9d
CVE-2024-1354,0,0,7e9a958865e30c89765260c45d4ae133e4c586a23883dff6b33b804192a001d2,2024-03-05T20:22:24.573000
CVE-2024-1355,0,0,dd36a54ac939524c987827d5cb09797409e1063b770f9d9a2dc86b1a7287f5d9,2024-03-05T20:22:38.100000
CVE-2024-1356,0,0,006a2f6dfff4352ae3ba24ba5214951c5372a0a8f840d4bddd3e210bc6737588,2024-03-06T15:18:08.093000
CVE-2024-1357,1,1,86f2546c172a1b4712de16d6bc09f84c806aac6ebb777c328d0bc0178aedd701,2024-04-16T10:15:07.273000
CVE-2024-1357,0,1,3e719d1386b68f74bac78fded4c12eb6113d801d07a6b01c6c13cbf093a4f755,2024-04-16T13:24:07.103000
CVE-2024-1358,0,0,59bf1dc2789a9e992220be1d0127dfa83d08d3077a1ea92d6417d6450ac5f1b5,2024-03-13T18:16:18.563000
CVE-2024-1359,0,0,709fa5d5f426354abf236525051c41916ab3da3c1737b61ccd8944f2befceb44,2024-03-05T20:22:49.650000
CVE-2024-1360,0,0,c38d2c5ac11d100cefb5af1387d1e4e25b28335fbaa6d0c6e411837b2ffbcd64,2024-02-23T16:14:43.447000
@ -239333,7 +239333,7 @@ CVE-2024-1390,0,0,71eb0c49e1915160a890c9df4d2040fa529dd6e699ca4bdcf3f6829a9c0e60
CVE-2024-1391,0,0,95159e2513e9127a66f6050cbc2679326245e87281e8aee9653919649cc97f74,2024-03-13T18:15:58.530000
CVE-2024-1392,0,0,0948736f211221c32ddb432668205bccae67223b950d877ef11c76bff68a1c8f,2024-03-13T18:15:58.530000
CVE-2024-1393,0,0,d7662d0cf4655f5dc37cac1727274e85c0d695350e85be99fa06d400366cbddc,2024-03-13T18:15:58.530000
CVE-2024-1394,0,0,c68208d74597e19128044b736591fb2dc574b6dece99332bc5e66fbe3be1f584,2024-04-03T18:15:07.140000
CVE-2024-1394,0,1,102fd054825a768b48f933ef2790bac150f3c02b22828aec0d8482aa6febfad5,2024-04-16T13:15:11.050000
CVE-2024-1397,0,0,e6d8c9c2beca75d3fdc5f918cb423cf21913a9c807f46126d5b49c29c7bd60f0,2024-03-13T12:33:51.697000
CVE-2024-1398,0,0,2b28153468f4d42956e25c3f4649f2a8573b6a6d707501b23def6a1cde88644b,2024-03-04T13:58:23.447000
CVE-2024-1400,0,0,295a10f36c3e13d694d09cafc6872c0c48f9e2b4c87da0889327ecdac7abe4ac,2024-03-12T12:40:13.500000
@ -239381,8 +239381,8 @@ CVE-2024-1451,0,0,3f6435be1eda5f484a72686d969060594b556ef09b071072e8b2c55917874d
CVE-2024-1452,0,0,51f181c1ce7f414dcbc42b69c76b53c13d660e1251c29566016e6272acef67be,2024-03-13T18:15:58.530000
CVE-2024-1453,0,0,f2c87bd71819898e18766c6a4daf73ab310fc7d532ef66c70b02c381b9ef54a2,2024-03-01T22:22:25.913000
CVE-2024-1454,0,0,cc63bfc078899c3bc2d22b3e00f458fc4bbbae1bbb587edc98f331b0cecc8681,2024-03-23T03:15:10.633000
CVE-2024-1455,0,0,e991b0f975ced8cb78d5000d363daf3daaec18408e94acd68eacb2c7bf82f408,2024-03-26T17:09:53.043000
CVE-2024-1456,0,0,7bddac365efd790a5b9fe476d06d2e9de8007be3eaa75a385594a14fe7f409e1,2024-04-16T00:15:08.170000
CVE-2024-1455,0,1,0cc1f392b2a40d222ec254a15a7a8b6be4cc158e28f516e4971bbabc928a97d1,2024-04-16T12:15:09.230000
CVE-2024-1456,0,1,ca8952b3ad6c75e50b669eb8146d70b62e9e386218c1d37b9382cb8c97a3ed29,2024-04-16T13:24:07.103000
CVE-2024-1458,0,0,66bdbc91195a55d9296ac1ceb5474c75aed0d73b189c6e7e68fdb9d572621be2,2024-04-10T13:24:00.070000
CVE-2024-1459,0,0,11d2cc6cb4f85209b5f6836b3ad08354090d0f8d1b51c2b33235c6338b29d8d2,2024-02-27T16:55:31.430000
CVE-2024-1460,0,0,72a696faff0084769a753b7a612492bd21b36a83db7299f8f95b0e781bb3b173,2024-03-07T13:52:27.110000
@ -239405,7 +239405,7 @@ CVE-2024-1478,0,0,54fc4d2d1af2d772e45f440cc01a56a5078a7b4f242f25febd2c561b4b9b40
CVE-2024-1479,0,0,75eecf66dbf69c578ea2f09e6e564cdf3b04311a1ae51ea49bee3724800fe960,2024-03-13T18:15:58.530000
CVE-2024-1481,0,0,9be0fdcf57b38b07a109c4217cf66bb00129c047018ee84a1da402a4636338fe,2024-04-11T12:47:44.137000
CVE-2024-1482,0,0,61f1933d97f430ea5062371f54d100c6fb03c771024804bcdad5092bc2efbfc7,2024-02-15T06:23:39.303000
CVE-2024-1483,0,0,44a751ab8a94a0653ee686651ca7a0f4453bf3bad2d8b09fbe0aacce0ee1401d,2024-04-16T00:15:08.353000
CVE-2024-1483,0,1,1ba808cb1c0d1fdcf5723092c3904b20d4561fdb7083f3ee67b919f5196c5851,2024-04-16T13:24:07.103000
CVE-2024-1484,0,0,2816ffb064ebf87ebca44e6afd6928df4e130e61997f3bc50802157887bafe8f,2024-03-13T18:15:58.530000
CVE-2024-1485,0,0,b9f4145834ee9d538c2d6e8caecb301f8f2dde5a282a13e80f59671c5263bb0b,2024-02-22T01:15:07.980000
CVE-2024-1487,0,0,4babefa588849ee1245b3617562779aff5a83c140fe8b2bbb7875eaeb547f015,2024-03-12T12:40:13.500000
@ -239434,7 +239434,7 @@ CVE-2024-1516,0,0,50bb822e8d066ea0a8046784c688ecc5177d77cc865bfce700f2cb9134b0d3
CVE-2024-1519,0,0,2349ac13c4eb6bd10a6dccd0fba3669f2785336517a8d1bbbacf8acdcdfa897c,2024-02-29T13:49:29.390000
CVE-2024-1520,0,0,55b303c658ed91ec92ac05246c838f410f74ac6f2e73a8130c99a143059d51f6,2024-04-10T19:49:51.183000
CVE-2024-1521,0,0,e31c834264512a69616436064a77ed46807a9b0fc5577151a1db5822b2ee5d08,2024-03-27T12:29:30.307000
CVE-2024-1522,0,0,8bfca5f3c162d40561c1f9b92ce67330399ab9d09eefc219fd8bb388cf123792,2024-04-02T19:15:46.807000
CVE-2024-1522,0,1,a27d665d9d54d9d12889d0cc8afc3193356026c444e99a0634c6b5d7b1e5fe98,2024-04-16T12:15:09.357000
CVE-2024-1523,0,0,f116f5c7229d6f0f04f439ad6a3d52c1533e55121c04642056dacb383b9d25ea,2024-02-15T06:23:39.303000
CVE-2024-1525,0,0,fff84c6c726ad730b73a3bd54bd21496a1cae79f6fe36efed68cabad049a1519,2024-03-04T20:14:59.457000
CVE-2024-1526,0,0,e7277f6a626a70309be39464e736abf323cd708de19be296a41d0d995c79568a,2024-04-01T12:49:00.877000
@ -239449,7 +239449,7 @@ CVE-2024-1535,0,0,7255c6be1810dbc4afc4f45b728bb55298341e3ab85edaac0e9655847ba8a9
CVE-2024-1536,0,0,669060e163f370fedfd4948dc9fa8a5a7395533214e9effc17742d4b9f37486d,2024-03-13T18:15:58.530000
CVE-2024-1537,0,0,e42dd97dd13243b673b7a4811cb279b7a17feafe285181593a671121725592ac,2024-03-13T18:15:58.530000
CVE-2024-1538,0,0,cf3ce67e434b13978c8bf540e7bb85a1883a5fe5fc43fe6c0a1fc1bece799fbd,2024-03-21T12:58:51.093000
CVE-2024-1540,0,0,8d119c057a437c8c6cf75b8e69a38137f19f3281d59b9e1008cf42936259433b,2024-03-27T17:48:21.140000
CVE-2024-1540,0,1,a3aaa35027b9408ea06e252eab2b07dd71b4824232b3154240c966d9370a41c1,2024-04-16T12:15:09.617000
CVE-2024-1541,0,0,cbf61d6d2d603b9a5f919a51455f88dc204f81e18c4458b01b90633217c9f6ff,2024-03-13T18:15:58.530000
CVE-2024-1546,0,0,d87548555f4c8992ddc193a435b01cbf450a34c4725a832074955ddd5326558a,2024-03-04T09:15:37.650000
CVE-2024-1547,0,0,fc3de1ace81ccfdd8fbde9e6a6951be522c10c940115407bd01fd7d037e7d770,2024-03-04T09:15:37.740000
@ -239463,16 +239463,16 @@ CVE-2024-1554,0,0,51bcfe751807d4d6410c368832472cf124bf37d471c5f88b9700c04d2ab988
CVE-2024-1555,0,0,f57fb9b43dcfd8583a3f6ef3f3a5a22a459a3b84d27b7a22ae41177b23a4786f,2024-02-20T19:50:53.960000
CVE-2024-1556,0,0,0c19373f62fcf273cb065e3fb8af3a2d083630b67d0fb722c29a886678bc0791,2024-02-20T19:50:53.960000
CVE-2024-1557,0,0,978ef608c552159752f59e69dd64676670cae08244ade28eed0956281b92bf42,2024-02-20T19:50:53.960000
CVE-2024-1558,0,0,22655d4ebdc7452b6f4d74be9e3a39b435319fca9ec42811a8a3874908ccc237,2024-04-16T00:15:08.533000
CVE-2024-1558,0,1,fb152d3b9db09dbbca2cd8328a3b02d84db95813593f18b1b26949f879e017cb,2024-04-16T13:24:07.103000
CVE-2024-1559,0,0,7267a9d4f0fdc8e6beebb6576542d2139b43547409ac8db00ae3f081eb5efbe3,2024-02-20T19:50:53.960000
CVE-2024-1560,0,0,a66f695d48d85e5bf0b305dbfc7fdce078bbf9d0b2d67b2c924b8630eb9c78b7,2024-04-16T00:15:08.713000
CVE-2024-1561,0,0,68db266d0d45d28d81ef8fdd233041f1085653ae003c691e13d9246f5f14770f,2024-04-16T00:15:08.887000
CVE-2024-1560,0,1,271d2853e08df4f79fd1ff0202001d8d2c5f05b3c07f8a9720fa0c3ee07fd968,2024-04-16T13:24:07.103000
CVE-2024-1561,0,1,2f50259b914307ebf5053f89eaeaccfd6164ff1f028fe1775ab6a050ce4dd020,2024-04-16T13:24:07.103000
CVE-2024-1562,0,0,19bad0af1c61f457a105e66f4eeb0fde8d2d444a29c6c496b32c177adc1d4546,2024-02-22T19:07:37.840000
CVE-2024-1563,0,0,ac871d8436144a6ee546ec0773b6ca1aaa07e76619d71421483fc96f836a0fc4,2024-02-22T19:07:27.197000
CVE-2024-1564,0,0,84875cf797fa64328b336ae33772e46886c72657e3c983b9d184a2a3d50ffd3e,2024-03-25T13:47:14.087000
CVE-2024-1566,0,0,bcb44d286e02234542f3c248bc98cc24bc3480b83f57b1e48ca76a36f687c2d5,2024-02-28T14:06:45.783000
CVE-2024-1568,0,0,7ab3f38998f0710d2dd36692efaa4d3f1b1bcb35035794e68e81071a3e18c01a,2024-02-28T14:06:45.783000
CVE-2024-1569,0,0,93116bbd333a7bff2b3b16da608f656ed947be2366d8c1bcef2b3b203a0ec974,2024-04-16T00:15:09.060000
CVE-2024-1569,0,1,4b71bedec4a1528fa42ec60009db4665ea96567ec249e5864edd831fa0bb983a,2024-04-16T13:24:07.103000
CVE-2024-1570,0,0,1629a1493afa93044df9f22af1e83d093e3e06db82a23b409138b92d94c2f5f4,2024-02-29T13:49:29.390000
CVE-2024-1571,0,0,b1806e0b2d46f5d2ef86ed95b11ec13eeefb63bf2736347df987f91692e6e418,2024-04-10T13:24:00.070000
CVE-2024-1580,0,0,4a10e63fa95d49470234e2661449f906487822e0aeb3a95c53a88e84627958f0,2024-03-27T18:15:09.063000
@ -239485,13 +239485,13 @@ CVE-2024-1589,0,0,d7dcf36ad68703d9507d75fc584fbb1d9ba1bfd4c920be78263720d8b4274d
CVE-2024-1590,0,0,8cf7a30592711c236a58c08f65bffca938f2cb5ec79513db7f6cedfa37d0bfed,2024-02-23T16:14:43.447000
CVE-2024-1591,0,0,5be9d5eb37b54abd94768ebbe67eba50cb17a1e413e20ea4b748010438d82a94,2024-02-16T19:26:55.393000
CVE-2024-1592,0,0,965346d0a7ca3e51ca977c4fd26f0e3560a08e1634c83ba1c6c4fb2880b00740,2024-03-04T13:58:23.447000
CVE-2024-1593,0,0,b6f85eb6ba207a53fd0d5cd1aba0b3f642e8e0875553a8d8870bc83f9cc50036,2024-04-16T00:15:09.247000
CVE-2024-1594,0,0,77082eaa04f7723cfa61f19feefd05a15c8d6c244f4203fcb3f0040b412cdd01,2024-04-16T00:15:09.417000
CVE-2024-1593,0,1,5d762f901a5b7a13ebd19f4f0e91645438720f053707b63d3e7e21f508c31a71,2024-04-16T13:24:07.103000
CVE-2024-1594,0,1,1d62f8d55fb3a974435872bb233738098cc7a319efe1e15acb72ee1c1daae795,2024-04-16T13:24:07.103000
CVE-2024-1595,0,0,0ac9aed2c4ed6b9e7bc181d6ab55412b8033a5bfcbc541a4a4b602392614e428,2024-03-01T14:04:26.010000
CVE-2024-1597,0,0,0f4f23ec46679606cdd437d4a5995239b95bc335fc96e4908f79b7360e8edf01,2024-03-25T16:42:20.787000
CVE-2024-1599,0,0,b311d4a0dc15f34db1bbc87ad8dd7c897ec570363d8bc742044c2c93d7c9f5bd,2024-04-10T19:49:51.183000
CVE-2024-1600,0,0,a1cf7c20c4c53ecd0ddc2601c3f6df39efaefde9047db784f0058d6905cd6130,2024-04-10T19:49:51.183000
CVE-2024-1601,0,0,ef4b72e8b787b86ef58a53a2696c36de1655093cbc84f406751aeabd13f70023,2024-04-16T00:15:09.597000
CVE-2024-1601,0,1,5de9e18b0c5a4daa146100818a9ac068a88d159e30320cca5c3c0caf368ddd5c,2024-04-16T13:24:07.103000
CVE-2024-1602,0,0,76aec42ffd2b96054ed086070f4eccb3306dfc781bb48ef20d91a6a2f0a7ff04,2024-04-10T19:49:51.183000
CVE-2024-1603,0,0,5d1338246e7eff570937017899def31d469c1473946b1d3e9d827eb4f9c8131e,2024-03-25T01:51:01.223000
CVE-2024-1604,0,0,5eb6bfa2b690cdc5042b3cd6683eec4697c9011ce1615c69d454ffb962b9e2b0,2024-03-18T12:38:25.490000
@ -239504,7 +239504,7 @@ CVE-2024-1622,0,0,008d271b6bbf0be364def470530167dff53e33fd04b103e731aac594ad8fe3
CVE-2024-1623,0,0,74336518ba6901cae439374d392edb30e277a62b6b1e25aec45bf5853748bc8f,2024-03-14T14:21:20.217000
CVE-2024-1624,0,0,8ff2a979e4088239466c1acbb0cfaf042208e053724e13d43a230f06f51b582a,2024-03-01T22:22:25.913000
CVE-2024-1625,0,0,4ba907aa1a1dd27775e22d4cd9cce968dc8ac08df94b60ca185a9fb1ca383af5,2024-04-10T19:49:51.183000
CVE-2024-1626,0,0,332dc4a088d957e5fb132716316a1014da4047080bdbac5240997e38a98b6fc5,2024-04-16T00:15:09.777000
CVE-2024-1626,0,1,ac9b8b0903b9ae57f05771b26c6af5cbf4afe681a2d641916ada86a962fcf520,2024-04-16T13:24:07.103000
CVE-2024-1631,0,0,fc2893d5d84aff0551fae290d2fe3cfb3246f815cc3e85e7be8cb7a443e59ea9,2024-02-22T19:07:37.840000
CVE-2024-1632,0,0,6e1c47780d96ad6fcb59ec0ca790b51a445b7ba6bfe735fc687e801fa4e9fa24,2024-02-28T14:06:45.783000
CVE-2024-1633,0,0,38fdaaa081cb72684e8a3a7c24003a4981094738f4cb62580982692842e12368,2024-02-20T19:50:53.960000
@ -239518,7 +239518,7 @@ CVE-2024-1642,0,0,b56fc714c74323ffc8268da7a782967b97e8e6de1f7a55688041114caad828
CVE-2024-1643,0,0,e3df219e8eb9506e92b2b6e4de208b2b263ce33723b442fcd24ff658bbde2969,2024-04-10T19:49:51.183000
CVE-2024-1644,0,0,258e0c2c60e2ead118c6bf409e3c4e6182303d86b8fb67135f0b03753d76fde4,2024-02-20T19:50:53.960000
CVE-2024-1645,0,0,2619adac1c0f0c116c53be4723992c1a8dff6295e94a2a44bd69bdc264974def,2024-03-12T12:40:13.500000
CVE-2024-1646,0,0,fcf14df662a66bc201236e3213af61646c717ed445a81b90ad5b6f5c992ccdc2,2024-04-16T00:15:09.967000
CVE-2024-1646,0,1,c8a39ee16645961a8adae7a71dc5d87620d08853f546af811210815ef8b164ad,2024-04-16T13:24:07.103000
CVE-2024-1647,0,0,54139a2a2a3a50db142faf8dcea4fe1dc96abdff85a01701062a380d090db1a3,2024-02-20T19:50:53.960000
CVE-2024-1648,0,0,df8581548207f098c521d901093d9d52c33a9f0520924af81b2273765446e0d5,2024-02-20T19:50:53.960000
CVE-2024-1649,0,0,cddd1d16a2fa649554e20977d58fb00396a226e17a846f01579d277dc429b938,2024-02-27T14:19:41.650000
@ -239532,8 +239532,8 @@ CVE-2024-1658,0,0,bd2757c2314dc2f8bd52ce15b18a6ca41069d2e3f9ff401d7a725ad82b1db0
CVE-2024-1660,0,0,068c83f9afc694d855bcbb99610bd3ca5f918af7baf81b6ceb2a3be3520f6bf7,2024-04-15T13:15:31.997000
CVE-2024-1661,0,0,f312eb090520ffb66607a66e9775fcc14e047ccc64e730a5fbedaf4d2a07048e,2024-04-11T01:24:28.913000
CVE-2024-1664,0,0,c240cf09d136b8ae3766d60b95066ae5935a6052d7cd59ed400a537e65636ac2,2024-04-09T12:48:04.090000
CVE-2024-1665,0,0,603b9e42ad1b0a632b020f1b56af88e5250fd5d01bea4bf02075c12a09c54181,2024-04-16T00:15:10.150000
CVE-2024-1666,0,0,ba23db392ac56197d553a9ed1751e0dac79018485aab4c0214d1a3ad756b6cb7,2024-04-16T00:15:10.330000
CVE-2024-1665,0,1,85850268afa8f45cb216640500e9f9bf4c397be3fcaf3ba3d1fb4051141bde34,2024-04-16T13:24:07.103000
CVE-2024-1666,0,1,a40e8fc9293cfb1145d3e1e7f135accc0146030f08ee21589fc7baafb865977a,2024-04-16T13:24:07.103000
CVE-2024-1668,0,0,5ab0efbb5f521102a265a18c62e4efdda2d28d47a9245ca5f6f130ff2a6275be,2024-03-13T18:15:58.530000
CVE-2024-1669,0,0,3362eeabf5b6399fda046d3f728ab967509d79cc74a91c5ce260a94031135ec7,2024-02-26T16:27:52.577000
CVE-2024-1670,0,0,ae75c94f0b29c0a28e4a7c87bcbb408051ef24e0c713cce4805624b9b431840f,2024-02-26T16:27:52.643000
@ -239575,15 +239575,15 @@ CVE-2024-1720,0,0,5a5ae92be6fac7e3fb5aac9fbad05927fd3add77d067fc4c0b5a11a75c8da7
CVE-2024-1722,0,0,44f76876458eb58496685e90ceedacd781a70fa58f68fffc91c47d3fb5ef0258,2024-02-29T13:49:29.390000
CVE-2024-1723,0,0,6ede5956ec1f8bc932d476f2c9a22da838daca98409da5821be1a9704022149c,2024-03-13T18:15:58.530000
CVE-2024-1725,0,0,d50733b72e0a7510fad89b9c9b7bf0d2638e14767cb02af892440874a7d9300e,2024-04-03T00:15:08.563000
CVE-2024-1727,0,0,f4e653a98477d638f895ffe05e108bd41757e63f270b3b4944ff32c3013cd3b1,2024-03-22T12:45:36.130000
CVE-2024-1727,0,1,a7ba950431c841d63e5eda97447121909cf0b94a0e0f2a68d97b3e6ce11f4afe,2024-04-16T12:15:09.843000
CVE-2024-1728,0,0,cc77f96c808327822a9f33d38543fe59887a1a70be257d5713ef1082e9fb55b5,2024-04-10T19:49:51.183000
CVE-2024-1729,0,0,b3ca5508bfb083cdea896b92a09e828f2c1fd7bb0ef520936c76664f50b7ea2b,2024-03-29T12:45:02.937000
CVE-2024-1729,0,1,e89faa43e2aac352951c59ebd22691fbb83ea1dce43d3c94d1423497ec4f419a,2024-04-16T12:15:09.930000
CVE-2024-1731,0,0,821cb90315cb9f4f7918b214fe3fccab28c34a154536cc83cdd6334afe7fa34e,2024-03-05T13:41:01.900000
CVE-2024-1732,0,0,8ef28be53d93676ca4adde749fa15f7be0c9b44418d87a27465d25f0d08763cf,2024-04-02T12:50:42.233000
CVE-2024-1733,0,0,0a3bd094d039e642acfbaf43d971fa4ffe129283e1d81d79ef06d054dffc1500,2024-03-17T22:38:29.433000
CVE-2024-1735,0,0,61e8c0e981cc6b9050dd9c2e339a7c68bcb1457c500d53fe6d2ab0fd7b1649e2,2024-02-26T16:32:25.577000
CVE-2024-1738,0,0,f7d655e0f5cdeb0ef0277b5681963b7938f3a5275d7912fde242847e7671dc09,2024-04-16T00:15:10.510000
CVE-2024-1739,0,0,ec4160f2ab3a1ac046b9865da4acd1148cb647b47c0532a99fd684a8d610863a,2024-04-16T00:15:10.697000
CVE-2024-1738,0,1,97a7896d029e8acc1f9a8642f0ea5e5d8115e570437f011cdbbf9b3dceab6984,2024-04-16T13:24:07.103000
CVE-2024-1739,0,1,398ce12115ac80cff2c91fe0aa06351d90b13a79f040c7b34d2ff3e71cc6590f,2024-04-16T13:24:07.103000
CVE-2024-1740,0,0,a4727f762c1d1efaf400e2db679e98eaa1364e84183339aff737ffb5d021d54f,2024-04-10T19:49:51.183000
CVE-2024-1741,0,0,8eb30dbe15b5283e03c33d39f75d76c5ac55db42f52c47f6ca39d280d36909ea,2024-04-15T18:15:09.937000
CVE-2024-1742,0,0,4fbf4a0c921fc3a958c91053411502e81c61e37a288f49d83ab6feab91ed6e07,2024-03-22T12:45:36.130000
@ -239699,7 +239699,7 @@ CVE-2024-1887,0,0,c4ea1f30b4ee64401ec471c46007c0919b3d087c3cc77ec486ec75f252891a
CVE-2024-1888,0,0,5c48c7ef8072bebc640799142c34dfeb37124cccb7d60f3f8c8d95bce0e2f85b,2024-02-29T13:49:29.390000
CVE-2024-1889,0,0,266d2715fa1a608706d6d5ec1f8a7bfcae214ce874200158676325862e799b25,2024-04-11T01:24:33.167000
CVE-2024-1890,0,0,d821e28303657343be278f464dff038e934f4ce7013e324636dd2062e1ff0b5d,2024-04-11T01:24:33.240000
CVE-2024-1892,0,0,373f803d6e2c349da77bd96fbf4e63bc235b5171a737a3452c0ca1b5e8e1db5d,2024-02-28T14:06:45.783000
CVE-2024-1892,0,1,496f86c779f360256e1e190fecff75b396ebefe831fecdca264ec166e984ab7e,2024-04-16T12:15:10.050000
CVE-2024-1893,0,0,678e936c89e4c4b6fa8874f1c864b24cc93a2715a395ba59ed61dfe9d57d4f11,2024-04-10T13:23:38.787000
CVE-2024-1894,0,0,9ac2447d78b1be48d8de07fcf9beac6b1c3a9f0af4ea5741b3b2d6e9b7f97eab,2024-03-13T18:15:58.530000
CVE-2024-1898,0,0,cd46da23aa9e689b946891d810a24293bd08f970fb7bfbbf6f19e3a7303f1ecd,2024-03-06T15:18:08.093000
@ -239751,7 +239751,7 @@ CVE-2024-1956,0,0,5d6f6903c59c264faff18a7d730514ef8c8f257378e253aea7524c9395e9f8
CVE-2024-1957,0,0,237438b4967582c4482af65f46317da6bc0de85528f1bd158496cca267c3ca9b,2024-04-15T13:15:31.997000
CVE-2024-1958,0,0,37958071a5e3626b0202aace46631ba6fa86579be41bc6a7a46ba3505e19759c,2024-04-08T18:48:40.217000
CVE-2024-1960,0,0,dfd1b0f1ac48f633451a81968052e172becf7727c212216325a77c712783473a,2024-04-10T13:23:38.787000
CVE-2024-1961,0,0,d8f2da219d7ed0cfa583ece9610099bb9622ef8de9c00dfba3304afac7a01852,2024-04-16T00:15:10.867000
CVE-2024-1961,0,1,1ad40dbb280787cbf7aa20e2a91cddc248067e17c5f59d7460567ef9bed4a35c,2024-04-16T13:24:07.103000
CVE-2024-1962,0,0,8c71ccd644902c0f670c27728543c4472e05aeb359cd7fb7b0615991cb743fd6,2024-03-25T13:47:14.087000
CVE-2024-1965,0,0,53b8948dc1992d8ed8a6fb1de9b8b2c61bce73181655f1de36932a04b4a837af,2024-02-28T14:06:45.783000
CVE-2024-1970,0,0,d3aea28e144f49dbf23817ed920457508211fde47410f2dc8402d51fca340e23,2024-04-11T01:24:34.623000
@ -240103,7 +240103,7 @@ CVE-2024-20826,0,0,1a2a4e934c8514887386e35aae6b0ccf0aedae18d6fe83cfc4689cc1b2309
CVE-2024-20827,0,0,51a6042d70228977abf6297970536e644bedff0837e589a194444fc3f28f32fc,2024-02-13T21:01:49.557000
CVE-2024-20828,0,0,57b5867a2d09c01b884e4a60a990a25a3f1326aa7e15d51e828ec54b12809061,2024-02-13T21:04:29.373000
CVE-2024-20829,0,0,2339bc414f649bfe93b6713d49182c6543186577fe6544ef83e6012dd4b71b18,2024-03-05T13:41:01.900000
CVE-2024-2083,0,0,e83e88dd3f3450714e5e71efca1bb905280e2a9c983d45ef2b50e1c337a61766,2024-04-16T00:15:11.057000
CVE-2024-2083,0,1,cab9e6d6d90124eca56a49614da3c7a402f647392fc29471d7a994ed6d4c1b97,2024-04-16T13:24:07.103000
CVE-2024-20830,0,0,67dbbe24099e38dedc23b760eb68f6946af4eaa38fecf7216e25cfdab695dceb,2024-03-05T13:41:01.900000
CVE-2024-20831,0,0,902da394009b57004c02060db6b4346f1490148871bbed67a8fde3d5ba96a26f,2024-04-02T01:15:51.563000
CVE-2024-20832,0,0,4f705a024417fbb0b5f23831b8792ff2a03c2652a3c7f09ba92d476d529957ab,2024-04-02T01:15:51.670000
@ -240674,7 +240674,7 @@ CVE-2024-22051,0,0,351db93d6ca76e0dc0a7975efc553f9724406030c8337d111a27ec7033241
CVE-2024-22052,0,0,0227f99d44e89893938b4544ca95dcc1c41e798d05744c94fdce48542d951019,2024-04-08T22:52:44.573000
CVE-2024-22053,0,0,8caa4e40ec88ec96bdfc5af942e0f8feb54eb37f45d5fc1c8cea6c8e5bc74f38,2024-04-08T22:53:03.443000
CVE-2024-22054,0,0,ea7f90611fdd0de53fc019330b39d133a7eda202c929c51b6ca495fd39ad0bf5,2024-03-04T02:15:16.820000
CVE-2024-2206,0,0,d5a4112d81b12c296cee2d4a4427b7935f710f4d11684daab2b2fb84c48f6bc9,2024-03-27T12:29:30.307000
CVE-2024-2206,0,1,89bb78f285eca92521ddf90479f409077fb3db3aa39188b40e35723bcbb7e9a7,2024-04-16T12:15:10.187000
CVE-2024-22075,0,0,e134c94ca50cfff14da7c6327f518dbd409e37e86810fc1b2a583012e3bdb9ef,2024-01-10T15:06:42.563000
CVE-2024-22076,0,0,07315b2e9c67887db1f24ee7d086d2a66716d3e4f66007058ad41d66ed9f1af5,2024-02-22T02:15:49.207000
CVE-2024-22077,0,0,c010b475c096f83047fe91548c8adb99de7b2e98732b452c87e82aaa319a4fd8,2024-03-20T13:00:16.367000
@ -240816,7 +240816,7 @@ CVE-2024-22257,0,0,f92aa8bf394d8fd611f53add1392a351f03e12bf743f9f4955afd6cb96ba5
CVE-2024-22258,0,0,73834c066fffbf1ceac081ac0d8fd511b8fd9e870301a54667895cd45741a179,2024-03-20T13:00:16.367000
CVE-2024-22259,0,0,547e720795826cec4771fb96783f58d3e37f083da9aea1ec36ad1e3651ab2c72,2024-03-17T22:38:29.433000
CVE-2024-2226,0,0,ee8f1ca60db458688b285f09c24138ba2af43e7eda48e7abf64d7861f3a6fd0e,2024-04-10T13:23:38.787000
CVE-2024-22262,0,0,3d5cc6ce69ae729bda5d36681da88e1e28c34fcc45e8d7b0f09642207f8137d9,2024-04-16T06:15:46.270000
CVE-2024-22262,0,1,9e557bc78734cb2cf073f865dcae26aa42c53d7117f48641d9186f5ec0f03587,2024-04-16T13:24:07.103000
CVE-2024-2227,0,0,a04566641cf07b0256d6370713fe01392f720fcac34bba4d9533a8931d87226f,2024-03-22T19:02:10.300000
CVE-2024-2228,0,0,9da409d4c88fb5c41c04e34c5096b8810f55668a8720e19e0dcad976dea69ce5,2024-03-22T19:02:10.300000
CVE-2024-22282,0,0,53d62e993d25bddde67f64a9b7b05dfd45a21e7eb7c9bf0be8fb90ec2911d888,2024-02-06T16:55:19.983000
@ -240991,7 +240991,7 @@ CVE-2024-22570,0,0,c41ee5b58f7f6a9dd8b89c3af365a9d60dc2b413d2b344b295ffdf6e10d67
CVE-2024-22591,0,0,f5c348c7153b233a9d90322c9527755bd871e66df7cc43f695b58dbe543197c9,2024-01-20T18:49:47.907000
CVE-2024-22592,0,0,f50afa29eb1912ea2c3e321f184317ab81adfed74c362dc96640e9870bb57ed4,2024-01-20T18:49:41.750000
CVE-2024-22593,0,0,993941354f61719e720764f4475d3b2e7a78eded6442ffaa6fe56e23dc421b8f,2024-01-20T18:49:24.957000
CVE-2024-2260,0,0,ac39d36a6dba2645f4331aae09dfceabfefe0e18cbef2b39cf69650d81e1d4e5,2024-04-16T00:15:11.237000
CVE-2024-2260,0,1,780fed16e716c2c36d16250cc6f44d73a361e413c8e89433dc6f71d79122c5fa,2024-04-16T13:24:07.103000
CVE-2024-22601,0,0,92ecea299ccef3b7cd4d91b41e992ed614a8d9984f7a4392cc8890904d00c311,2024-01-23T14:23:11.057000
CVE-2024-22603,0,0,4919aa7e5a59d3ee5df33db7d0969165de88de1745941bbbf66bc33f0421270c,2024-01-23T14:23:38.480000
CVE-2024-2261,0,0,c292e061fc6a0764495ba9495b5ee23da62e67d2c3ec4353f74385ff07320fae,2024-04-10T13:23:38.787000
@ -241409,10 +241409,10 @@ CVE-2024-23540,0,0,5f2fc628eb81e8c82d87211152b074fc9fa203c38db7086bfb5e6e1436b13
CVE-2024-2355,0,0,f6c721310f82df9519580d017e8bf61029f8844a70bedd8de94b8b84e67d5aa4,2024-04-11T01:25:22.953000
CVE-2024-23550,0,0,233aa541fdda788f0e4e95c8a9a0a8f5d7fa7689dcd559af0cf5e5843a531076,2024-02-13T00:57:33.613000
CVE-2024-23553,0,0,51ea2d50cc1ff4dbab518de2a29e9ef6a91bd6b91073c23eb1a7f0cb7c8f1090,2024-02-10T00:59:00.423000
CVE-2024-23558,0,0,f869a7d292ab38468ce7932a5db811e781a15046d6170d588830e080a830dd4f,2024-04-15T21:15:07.080000
CVE-2024-23558,0,1,0e030b3ddee305097ecf13a5fc93f84821f79454ea82e12098abf6fd591f4cb5,2024-04-16T13:24:07.103000
CVE-2024-23559,0,0,4683f3bb73772af2753e857717965c2e56da3622758b2f87d6442aaa0d7f2c20,2024-04-15T19:15:09.577000
CVE-2024-23560,0,0,1c1a349b51d987b4067e0f1bc880905166050ed006fb29270319ac3fa536dfaf,2024-04-15T20:15:10.873000
CVE-2024-23561,0,0,12ebf45cba2cc1524ef425ca27c42e0c926fe5d84a8e459468bcfa4df8001589,2024-04-15T21:15:07.243000
CVE-2024-23560,0,1,39262a3d1a015486541c11a9acaae3509226c69e322cbf4650c4cfad43009fa6,2024-04-16T13:24:07.103000
CVE-2024-23561,0,1,a22fcf5dfd91b5d6ac506750080d833a3983c3c231b1230f7c5930b307faa639,2024-04-16T13:24:07.103000
CVE-2024-2357,0,0,2af3f167a5f07c033333870e1f5044e9ac66d1548287fd20eff05541e2132cfb,2024-03-23T03:15:12.690000
CVE-2024-23584,0,0,0a74df816091d3b0eb89fda75cd2dbdfa4a27fc3d1fc7171d6cfed2608adfd53,2024-04-11T01:24:48.327000
CVE-2024-23591,0,0,f4c08614f6a162f49ecc99f020c088036b0b565e06b57796e1304b45ae78e59d,2024-02-20T22:15:08.353000
@ -241762,7 +241762,7 @@ CVE-2024-24215,0,0,d3883dc710155bd950a18903f8aa5eb2eda59d1e9725a4303b203ea7778b7
CVE-2024-24216,0,0,3c3e699d8ba3256f67c55852e9ef2e3011cfbebba9e6c02139e656f08115b8a1,2024-02-08T13:44:21.670000
CVE-2024-2423,0,0,5bfc4e68c37a4c14acd324fb416e78f1034dda3465a5e8e8246ae1e28c5e4cf2,2024-04-10T13:23:38.787000
CVE-2024-24230,0,0,ed6d69d70561399663ef8e2e33150b56625833d6257f46ca8936cf12e494e1dd,2024-03-18T12:38:25.490000
CVE-2024-2424,0,0,66d6d338936b412b833a09b76243621016ac9d913bdad0c9b7d84ad02feb4bdc,2024-04-15T22:15:08.657000
CVE-2024-2424,0,1,f5787c2c1b36f2b8e79f62711be84eff2a29f668df2a057935f974cd2f67d6d1,2024-04-16T13:24:07.103000
CVE-2024-24245,0,0,02b2177d08ffae0fccf9c4d152b876d37df4c8a7f2a57421ad045d08738c06c9,2024-04-10T13:23:38.787000
CVE-2024-24246,0,0,a359f80a084921532494c4fa2ff8f2a634ef8a2b8a955c0780fc32be13916cdd,2024-04-01T15:32:10.190000
CVE-2024-2425,0,0,42108437c542a39ceb0f679642e1b0ec6cc1a657618629f319596aa4231ada63,2024-03-26T12:55:05.010000
@ -241849,9 +241849,9 @@ CVE-2024-24478,0,0,53029a1866c8e51d808df9d589ba1404dde1cb0fc62d65580f995dabd4d21
CVE-2024-24479,0,0,52efdcf053804e26cfbce3de5246d2c841d597da16631c3f6ad2a341bcbf2762,2024-04-11T01:24:52.037000
CVE-2024-2448,0,0,9e30ccfd39b87812540a13d959f2aae1c5a415e25ce2c2852e72d5c6bc3b6d43,2024-03-22T15:34:43.663000
CVE-2024-24482,0,0,d0c5de64fed42524f00b63fd5c9fd6582210b6f756383f7c85fd22e6463f36a5,2024-02-12T17:46:35.760000
CVE-2024-24485,0,0,74351a107f9330b8b72eb7a683496e2a8b110d11d9b0708539ac4d503c299725,2024-04-15T19:15:09.740000
CVE-2024-24486,0,0,5e276a642ac56653b3a57d5aee2078c5f5ce1b485da4e40310ce1f921b03ae98,2024-04-15T19:15:09.787000
CVE-2024-24487,0,0,d1d8eeb066a92ad7e41b4832726ed49bc1e64ad94dcc160407abdd71365bbf6e,2024-04-15T19:15:09.830000
CVE-2024-24485,0,1,c7e8c403d6357c5922b5d47216b7ffdcf22e376618ae35637f5f2b9e30ec0927,2024-04-16T13:24:07.103000
CVE-2024-24486,0,1,d7ed2c16e5601f75e195b3cac3961ea438d1470aa390add1505048749d707e17,2024-04-16T13:24:07.103000
CVE-2024-24487,0,1,c593a5b965cc3533ddc557cf6b0813e8b6c5f77c215684915b40c63fb601343f,2024-04-16T13:24:07.103000
CVE-2024-24488,0,0,1834d834c06b744231a786a072c029583b1651fcc4f266317ba3be41edb13e03,2024-02-15T02:23:45.887000
CVE-2024-2449,0,0,81af4b04300933867744fde84b6165c2710bb3d8c358245e7272e559a8ae0dec,2024-03-22T15:34:43.663000
CVE-2024-24494,0,0,81f8461d94de9e292cd8ff42a2c2a5da1fbe2233d78d68b156c60eaf9ab5a816,2024-02-09T01:37:59.330000
@ -243564,7 +243564,7 @@ CVE-2024-27774,0,0,6fe31e2c0003d4fab016c3154c886020f7c2bef625382f41f7a60dc74c0ef
CVE-2024-27775,0,0,a887ec832dbcf6f0b1b703ebc438ac1eb2747b129f8cfe7b452debf6096772bf,2024-03-28T16:07:30.893000
CVE-2024-2778,0,0,61e3128d6b5b99fe23ee2707a129462f95cc39b72990559c52734572277346a0,2024-04-11T01:25:36.240000
CVE-2024-2779,0,0,87241bb56fd5ec51155c8a533081609be6976509d34f81a170150bf1607d61a0,2024-04-11T01:25:36.323000
CVE-2024-27794,0,0,bc7b31981d87909de8c249d8df46953e6c6ac2faf9538a597f97673580693530,2024-04-15T23:15:06.890000
CVE-2024-27794,0,1,f83311c8ff012592a70730809fe5cac1d0e670b37674538bd8092c8ae8d69027,2024-04-16T13:24:07.103000
CVE-2024-2780,0,0,55ab4cb1b7288a4ba9af22773d37fdeb181752a65ee0f51476504ba2b669d700,2024-04-11T01:25:36.413000
CVE-2024-2781,0,0,7440c381afc245ac61500f5670c7b774787526dc48ee470e168c2fa8882d9975,2024-03-27T12:29:30.307000
CVE-2024-2783,0,0,5e3d9294a74b759ac7450c1cf79e73d07c944f71ed4c195d3306f256a09a6879,2024-04-10T13:23:38.787000
@ -243909,9 +243909,9 @@ CVE-2024-2855,0,0,8260d982dfd24cfb14a9db4fa1ee76a66e0614a0ec6c48d9a7ac98a8fa444a
CVE-2024-28550,0,0,5d0ad6d2082f07d56cf9652440be9e3f8e89ff952367d33e244f401dd8cf5df1,2024-03-18T19:40:00.173000
CVE-2024-28551,0,0,40072188bc078513c98fe36eadc61408f0edcb42335d89d71c256bffca8b5040,2024-03-27T12:29:30.307000
CVE-2024-28553,0,0,f74a5d2edd657e610cfc2b884ed1530d128afd106cc0a285c1f4868830f65cd2,2024-03-21T20:58:52.357000
CVE-2024-28556,0,0,78e33f56477f145774fb527f7cef8c37efdad78e418f453292b5cae07364531a,2024-04-15T19:15:09.870000
CVE-2024-28557,0,0,66656fa58021832be3134de7d55129a9d727344168dfdf2eaa1f34d7736bbfc5,2024-04-15T19:15:09.913000
CVE-2024-28558,0,0,7b83a6d234cd7d987adefe571acbaa06b525c474d1220894addcc2994f63a48a,2024-04-15T19:15:09.957000
CVE-2024-28556,0,1,029da341ae14e92abfb4c485ffb138fbfc54e57700e0fcdf8ee83f0fd4fd46dc,2024-04-16T13:24:07.103000
CVE-2024-28557,0,1,c99317056e88c11c2e22bbb1cd9d424821ae7d16f3a12f097c6433bace1fd1cd,2024-04-16T13:24:07.103000
CVE-2024-28558,0,1,42fcc68e970ec7953900aa21345c948b519133d0fec39b6a390e75bbfed3bf69,2024-04-16T13:24:07.103000
CVE-2024-28559,0,0,6f7249af13d3d458dea5181e480abd5d70401028fb6553338823fba575746002,2024-03-22T12:45:36.130000
CVE-2024-2856,0,0,cd0104a7ef74a65bcc6d3665277e6342e96b29a8bec44526788309db6945bdf6,2024-04-11T01:25:39.460000
CVE-2024-28560,0,0,73cbd87a5bcb29476004a8f71bcb58ba805b830f22d73a89125c2feb4312f2b7,2024-03-22T12:45:36.130000
@ -244001,7 +244001,7 @@ CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedc
CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000
CVE-2024-28824,0,0,5a9476ae0fdb0520e3a986c832f5f9e27a50da5cb3aa11e06910544296f0e530,2024-03-22T12:45:36.130000
CVE-2024-2883,0,0,e66be81816608580e2e81ffcb02cca4ae9a2aa5cbea60907cc2e1d80cffbaf4a,2024-03-29T04:15:08.743000
CVE-2024-28834,0,1,617326121e7c54a3f8d3016598aad088c45cb90d6701018c5def233025840695,2024-04-16T10:15:08.023000
CVE-2024-28834,0,0,617326121e7c54a3f8d3016598aad088c45cb90d6701018c5def233025840695,2024-04-16T10:15:08.023000
CVE-2024-28835,0,0,49bfbdf44145b6f468532fe63c5f22ee250837480948f586b7ece01b89ae82eb,2024-03-21T12:58:51.093000
CVE-2024-28836,0,0,ef9665bb9a0895616f82c07b3b8f93ecbb9dcd318a88906096e3fd29af01d6df,2024-04-03T12:38:04.840000
CVE-2024-28847,0,0,91e84a48bf06058e30212c2ac01ab493cb3959d3b6bfc21c8760687b856baf08,2024-03-17T22:38:29.433000
@ -244178,7 +244178,7 @@ CVE-2024-29115,0,0,142414ad4545b27307ef892525e38d2bb8c83878ba7d3b929a558d2d8f461
CVE-2024-29116,0,0,22312ff0fec960bf6bd22c8e8f459c2262200779b53186c3b1d0f522ebc154df,2024-03-19T16:33:58.680000
CVE-2024-29117,0,0,4796a230809f99a49ee05655b5187418907ba301781386f31aa5927b23559ddb,2024-03-19T16:33:58.680000
CVE-2024-29118,0,0,6ac5e6cd6ee7b43d8431dc316e005ede5cf4637a65ec75ca3c6a90cc83910dc3,2024-03-19T16:33:58.680000
CVE-2024-2912,0,0,ba46100947b965ee27a3617cd680e59d00d0472b37713c8bb9790f50036069f6,2024-04-16T00:15:11.427000
CVE-2024-2912,0,1,7853e1850da1df1a9d27e654a4679904ce21be5712661c93d1293795d88290f3,2024-04-16T13:24:07.103000
CVE-2024-29121,0,0,93c4eed4f19d6c35e5794bebf3078da12779b20c5796aea61af6820f2f1f0547,2024-03-19T16:33:58.680000
CVE-2024-29122,0,0,354c54b8c87b5aa75aed35dae5dd6c47ba1694327d8aa600a98403368348e018,2024-03-19T16:33:58.680000
CVE-2024-29123,0,0,e3fdcac69f03cdf2056f95a7639e6d970705398d9baf4f730c7daff4391b483c,2024-03-19T16:33:58.680000
@ -244666,8 +244666,8 @@ CVE-2024-30270,0,0,1d63c3afc5f402042a52c95204320e8698a660fcf024b4b1cd2dbe8241952
CVE-2024-30271,0,0,7934d49c76a773104fea3a055c8dca49939c18c3dc4eab227ecf5b491d16669d,2024-04-12T12:44:04.930000
CVE-2024-30272,0,0,fe18d25a398b5738660bb343d4a7fb499e0a8c129d952f35b1144eb8f7e44fa0,2024-04-12T12:44:04.930000
CVE-2024-30273,0,0,430d9deac2ea84fb25615ee056f7341da6ab62ae3551a67df5079d8156e28185,2024-04-12T12:44:04.930000
CVE-2024-3028,0,0,40b35edabcfd86715ee007a31195cc01fb0fde0725bc4098209345965ab1efea,2024-04-16T00:15:11.667000
CVE-2024-3029,0,0,be60c0bb26d2e91139cbf6e062c9a407e0bf907ea2b2a354e034bfdfb22bcfe3,2024-04-16T00:15:11.850000
CVE-2024-3028,0,1,080bb069f1a2cade59952c14793e39c6c54825fa436573f5b60987254afab568,2024-04-16T13:24:07.103000
CVE-2024-3029,0,1,54e489ae31021cd62a123b17a985eef09bd69f22c945608ba51d64fcde83450f,2024-04-16T13:24:07.103000
CVE-2024-3030,0,0,88c29228ef56d61e184f00d5d8d99ea5dd9800435eeb42a07f389309c9f00688,2024-04-04T12:48:41.700000
CVE-2024-30322,0,0,82127178dd2c4390457a625b1b802dc21960ed844c23f33ac3f61e8d8c162a4f,2024-04-03T17:24:18.150000
CVE-2024-30323,0,0,4ba71c995b9c718766f72cb8f425ef56f31d70d4141fb317ff1b84d1d4bea62f,2024-04-03T17:24:18.150000
@ -244856,7 +244856,7 @@ CVE-2024-30558,0,0,c487b7e520828364fad2b07b74e7c881d68876bac73b13b5c83e0dfd99fed
CVE-2024-30559,0,0,30881b502a00e1f0b4af436d9e17ecd66ddff7c4f60889245892c374e2f0a5b2,2024-04-01T01:12:59.077000
CVE-2024-30561,0,0,03bc43de8aff9caae9f72d908884b596acdfb45cf5a607bf3a61d00b78d408af,2024-04-01T01:12:59.077000
CVE-2024-30565,0,0,3c10663ebaef8c263e29a3b4fcd5ce9f26a98e5c4788e4f23a40d6624f566f6b,2024-04-04T12:48:41.700000
CVE-2024-30567,0,0,b726a5a24468e948427ba2da6967be6393edd8e67b08e1e27358a7c9883d7adc,2024-04-16T00:15:11.620000
CVE-2024-30567,0,1,447b4353e8045b75e32e568c5da0f40429816963a76cd7c63967e8f0beeca893,2024-04-16T13:24:07.103000
CVE-2024-30568,0,0,31ce5d7ef83a345bc485099d3705d8788459cf828ab7d0b94885f7bc40a70cff,2024-04-03T17:24:18.150000
CVE-2024-30569,0,0,d548955a85cf80696d15b1d4c46cd6662c11d8d9f149868bdc5b584ae206e179,2024-04-03T17:24:18.150000
CVE-2024-30570,0,0,47165afd2a0337ae9b15921264ed392e129dcb0a5824d82a2839f88c9ccbe5b6,2024-04-03T17:24:18.150000
@ -244912,7 +244912,7 @@ CVE-2024-30638,0,0,476165b7ba1121567d55c67d54d9d40e3e29ea068ff3cb9f8e442a4ce4566
CVE-2024-30639,0,0,46b7c5471e103449855c9fbd2240c66d12c0c2b4b2c2dd58c9da71634c442509,2024-04-01T01:12:59.077000
CVE-2024-3064,0,0,150d2695d7eeb315cec549f12d6c6ef3f6e02daaf223b84571983b190cdbdba2,2024-04-10T13:23:38.787000
CVE-2024-30645,0,0,00b9821a66dbca80d2d2c9c63858e19e8817ea8f49dc6578caf9fd20dddfbebc,2024-04-01T01:12:59.077000
CVE-2024-30656,0,0,b49577263e37030431e1a8d5338b6743c7c2aef81a19bd5d0aa628f52e6fa8b2,2024-04-15T22:15:08.870000
CVE-2024-30656,0,1,c800b352c15d86c6b7538edefbe50a56ea126bd7af414b5024084888358a8802,2024-04-16T13:24:07.103000
CVE-2024-30659,0,0,6b674dcc6172a28fd382455a39837aee02d1048828b479da4de736260a001915,2024-04-08T18:48:40.217000
CVE-2024-30661,0,0,ca3a009dda716fdf3c3b4141a47c3533be46c4c31a5c8c5b65ef3f7e55a4c4a0,2024-04-08T18:48:40.217000
CVE-2024-30662,0,0,71b80d6dafbe22437f2510bb021f4c17a7a897b19e7d2dd354177ad2cac3e4f3,2024-04-08T18:48:40.217000
@ -244920,6 +244920,7 @@ CVE-2024-30663,0,0,6e08db3f744a4228125df40199a08b9ee2a90f00728b6fca5a3d973b18d4d
CVE-2024-30665,0,0,b0872b924bec224f9269c5d12f3e3e09bd037687bdf2355c6dca31778a639300,2024-04-08T18:48:40.217000
CVE-2024-30666,0,0,c963b049325fad48121e774e7f87aeeb4db59eaee7ce9b24b135f03225a8605b,2024-04-08T18:48:40.217000
CVE-2024-30667,0,0,ff284e163d8506ead82a88e1e0195d7345f11e18d3b36d2dad51ac5fe6f1c4e9,2024-04-08T18:48:40.217000
CVE-2024-3067,1,1,e9b1bebe389d4e514e7a9a61bf198949c5e392a49f5a0c35c052cf2a541b472e,2024-04-16T13:24:07.103000
CVE-2024-30672,0,0,5f03fe7211bd8d45b5928b91a5ac0350abcfb5c5194aa5b0296fc94c9e863bc2,2024-04-08T18:48:40.217000
CVE-2024-30674,0,0,6ed6c67e9f9314eaeb2be25e85ad7999c533cc1beb21c8cb467ab7a893f16710,2024-04-08T18:48:40.217000
CVE-2024-30675,0,0,8b91a2fb611ecb3c19dd6a14ce9d54a86e8a20f268f642c9f4e164c260b50edd,2024-04-08T18:48:40.217000
@ -244977,7 +244978,7 @@ CVE-2024-30808,0,0,3edb296009dfb16a5061a2505986b3903e36250320b7a7a1ea6af0d775f58
CVE-2024-30809,0,0,40751d191f9ee13ea0defe4c96fc4834cb0c82544cd8de5e25d1d000018428a9,2024-04-02T20:31:58.463000
CVE-2024-3081,0,0,eaf9a3b1546f12509096efb03067d93183d42d698f454ab86e3fca514e07d309,2024-04-11T01:25:53.020000
CVE-2024-3084,0,0,62ac9245d10a841fd1840ac1e3c7dc9559936072e020c624e95405bbb39b1228,2024-04-11T01:25:53.100000
CVE-2024-30840,0,0,b90a5449dac064403980b963994fdbe9f7c12fd00d6fced3d57321571501f1a8,2024-04-15T20:15:11.030000
CVE-2024-30840,0,1,c9260fe2fddc3c219cf4dc026641c705bc7760addb3911af76dc59d03ab6b7ee,2024-04-16T13:24:07.103000
CVE-2024-30845,0,0,483cdc21df5fdf8d2481c4f15accc02fa69c26f2b2a1b756bf04bc232000a1b5,2024-04-15T13:15:51.577000
CVE-2024-30849,0,0,0e1a4138add90815a9b8d6a41668d72bf2ea04dc4bbeda2f4a50c70bff2a8e4c,2024-04-05T12:40:52.763000
CVE-2024-3085,0,0,5085f6259bd4d1908968638b16f14533956036f8bbee9b567c9970e9e940c577,2024-04-11T01:25:53.173000
@ -245177,7 +245178,7 @@ CVE-2024-31345,0,0,c859189c3b3107b07d10bea32bcd00363efe87690798f404d3b6d54b355ed
CVE-2024-31346,0,0,2d1e98ecfdeadb3523494e02b9eb42f9bcc66ecdd22c3cc2efc458ade5b5c930,2024-04-08T18:48:40.217000
CVE-2024-31348,0,0,cfc095c1fc0e4b141af08e05231276cb08ae09886eb38442cb07d948f68e6eab,2024-04-08T18:48:40.217000
CVE-2024-31349,0,0,8d1bd13d7c4f34f460e790c462e1e7791a20313dfd6a20b06dc021131d4e0db2,2024-04-08T18:48:40.217000
CVE-2024-3135,0,0,91954ab6e8bf3cb2f93a640035369c46334c6e185515d1b835de2161b0fd8f69,2024-04-02T12:50:42.233000
CVE-2024-3135,0,1,4a052858c93477b13b9d768cf5477bd490d84e3575939137539871d799ba9b77,2024-04-16T12:15:10.367000
CVE-2024-31353,0,0,aade8ea974e91d3ae50650294acb50b66beb284df0b61f73187afa65e397e66d,2024-04-10T19:49:51.183000
CVE-2024-31354,0,0,b5b94d42db07b1271ef9654eb9ffa890368f3a9210deb1f8fedc988973151d2e,2024-04-15T13:15:51.577000
CVE-2024-31355,0,0,a5dea31bb77e2304134bdb1d51afef23705a4ddfdf5cc895a42a4a0b3df4a7e3,2024-04-10T19:49:51.183000
@ -245257,7 +245258,7 @@ CVE-2024-3147,0,0,f05061e9d718b866336ceef3f83885c168403f8d387cf11dbe00ac736df358
CVE-2024-3148,0,0,12b6e15e00d964ce79c059c99a6c4df70691a740ad2056657f2d4843c78fc654,2024-04-11T01:25:55.337000
CVE-2024-31487,0,0,ffef7fcdc05bb476a1f2c02c71de4a76075ea7f0301d6a8889db629ce9b194c6,2024-04-10T13:24:22.187000
CVE-2024-31492,0,0,a251126d380ad734bdcae40155276c0c8cd0f78c057d6c232814179759c90bf9,2024-04-10T19:49:51.183000
CVE-2024-31497,0,0,7bd1aaa9fc54837a6fa1cadee84987763cd258305c407fe4f3a475f6016f799e,2024-04-15T23:15:06.950000
CVE-2024-31497,0,1,f723a65d60b18cb9a8bfa9f8082ceebf517f5e4f5e59609b10007c1cf2e480eb,2024-04-16T13:24:07.103000
CVE-2024-31498,0,0,db3c4e2337e3fccc66e084ef6016d8532925f451bef4124b0c2782f0c54d90b6,2024-04-08T00:15:08
CVE-2024-31506,0,0,8be7ef5b3e9d65e4bba9dd63e2b7475f0658a4b183369094a98038d4eee40099,2024-04-10T13:24:00.070000
CVE-2024-31507,0,0,8a4d05957463fb55563022c4622a2463374ff774a0631f4c63214875a7c78bee,2024-04-10T13:24:00.070000
@ -245270,19 +245271,19 @@ CVE-2024-3158,0,0,d2414412e299d1c6c6fd5c25934ca9d016ec38ac6210ea884f5d6eabc2220b
CVE-2024-3159,0,0,ab3d3fc3f58ff99c2f10e23574a75e665f3343c344ecfe71138e927973febb6e,2024-04-08T18:48:40.217000
CVE-2024-3160,0,0,f58561faca7869291dbd40f98b5207b12f048bddf4323b50e2fa0b0605fe77f4,2024-04-11T01:25:55.513000
CVE-2024-3162,0,0,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000
CVE-2024-31634,0,0,19564b78dd2e8c6f1c4071d3437219d1546ac64123c723e301839d8b19971620,2024-04-16T04:15:08.463000
CVE-2024-31634,0,1,4aa9be86cd809cace2c7d458fd82ce0e6e4c21e7757f642f911286874e9406fe,2024-04-16T13:24:07.103000
CVE-2024-3164,0,0,7f780c294c8831979bff32bef1a48b2e6fa61521035bd6f029f476ca7c0385b5,2024-04-11T01:25:55.603000
CVE-2024-31648,0,0,a016bcd573857722aa31bc350635e46363d927042b391222b2d909ae932753ae,2024-04-15T21:15:07.503000
CVE-2024-31649,0,0,07adaca885ecb1795870b6c469b09c65117f501d49932f9bf55d132fd09732de,2024-04-15T21:15:07.547000
CVE-2024-31648,0,1,f70c933feb3072bcb2ead02f6b1a919b0f866e1a11c84c8f391e2e290925af4f,2024-04-16T13:24:07.103000
CVE-2024-31649,0,1,639a5f64cbdf28db540c8732bf6df9d62d362e264fc5a0592fc2e34beb9bf811,2024-04-16T13:24:07.103000
CVE-2024-3165,0,0,de9c55d425cf1712b174cf5953c3fab2e18950a6202399f31519128938dc300f,2024-04-02T12:50:42.233000
CVE-2024-31650,0,0,96920ba4e6f7e83a10eb6df26cb31edc8913274707859cca5053dda3fb820ed7,2024-04-15T21:15:07.593000
CVE-2024-31651,0,0,ceda34d8c65ba3ec27b91b187d1a084d98ce6faebaad213ca8593cf4d5029fdb,2024-04-15T22:15:09.023000
CVE-2024-31652,0,0,90276002c53daa175a8ae9f59f3d7cfe67a16d5f61ea7574390897425f025e64,2024-04-15T21:15:07.637000
CVE-2024-31650,0,1,93c237f92a0565f29a186681c2be8c18bcc984e57115648f885447500f241b13,2024-04-16T13:24:07.103000
CVE-2024-31651,0,1,449580f383ba06b10b890173ddf2d62af7a188eb69db82466ee9152e4b087212,2024-04-16T13:24:07.103000
CVE-2024-31652,0,1,208b4f263a9a44614b423f2ea1b775ae64777df67f6e60b98c2159dddb5c4a0b,2024-04-16T13:24:07.103000
CVE-2024-3167,0,0,f4a160a1382e038713f603968880deb87a3b362a15bab9fc55aa42721dc9dd6e,2024-04-10T13:23:38.787000
CVE-2024-31678,0,0,6d17d4ce9eaa15ebb6367a838566d027b53ddba56e09f333fd8cadacfd1d2447,2024-04-12T12:44:04.930000
CVE-2024-3178,0,0,e1b2edc538f836ffb506a17d476e0f961db2588242ddd1b2358ad3487cd818bf,2024-04-04T12:48:41.700000
CVE-2024-31783,0,0,446f2fc1a687465cf17bf49f6974f026e98dc501df8adec628749ef9b1165b86,2024-04-16T04:15:09.140000
CVE-2024-31784,0,0,7ee83ce9dd5cadf2e1f87cf5fb5c146a067d8c0736ae25bda731f702e93214a8,2024-04-16T04:15:09.200000
CVE-2024-31783,0,1,a7054e74fa1a557567cd0f4452494e62f528f37b2972c2343d20292f99336f13,2024-04-16T13:24:07.103000
CVE-2024-31784,0,1,0055eda0e2e2e3cebbac3d895c086f3674073feab99e847bee4ca99f9495a801,2024-04-16T13:24:07.103000
CVE-2024-3179,0,0,5abb24f6a5051585dee8d043e9230e5c2a9202caf7e3c5044373b856d11a8a98,2024-04-04T12:48:41.700000
CVE-2024-3180,0,0,cb7e6ecd5dde884356237a2b2dbf7b6ac67d07b2baecdd8da937f602eadd96a4,2024-04-04T12:48:41.700000
CVE-2024-31805,0,0,191a14c2d5ae7968331c5203389f4ad20337fe28197ac48f135f3f3b37941d31,2024-04-08T18:48:40.217000
@ -245357,7 +245358,7 @@ CVE-2024-31985,0,0,96eba814f8ffd38a0877505a36212af3b265e63db0ebdb3b6fe17b13401c0
CVE-2024-31986,0,0,43afc54623bebf262d37dd906c7efd37eb56ded00de01504423bee1057bdc8a1,2024-04-11T12:47:44.137000
CVE-2024-31987,0,0,60d0bda711bcaaea27f455d1e392e029e767cb7013c9064db5359f058621c0df,2024-04-11T12:47:44.137000
CVE-2024-31988,0,0,51c3ab0f42083010a6201d8c5e43ded78b92f566d0bca12748a99bba4a186fcd,2024-04-11T12:47:44.137000
CVE-2024-31990,0,0,660cda04ab718f537b3c27af001acfdb6075906b9d5ccc5ae359a90f44acb0cd,2024-04-15T20:15:11.127000
CVE-2024-31990,0,1,77ac4f6468312f14b2ffccf0214dd51bfa3f27166872b6029ecb265054e5d1ca,2024-04-16T13:24:07.103000
CVE-2024-31995,0,0,66dfe11a273e9e10d102f877b390a578235479d84ca6da17689c27557fdb1258,2024-04-11T12:47:44.137000
CVE-2024-31996,0,0,4bc228afb2f37b1ef8f323b1e059ab55f2f5ea66358ab4f20e2844a94396b7b8,2024-04-11T12:47:44.137000
CVE-2024-31997,0,0,d95ca9b47538ea73a196934e9c1064ac6bfd03df35a75cfa6de5a54ba7f14856,2024-04-11T12:47:44.137000
@ -245370,8 +245371,8 @@ CVE-2024-32019,0,0,7d17b262f48d84e5d46deb667dc18694c73147c4bad7ea42fd1b388af87a6
CVE-2024-3202,0,0,3543d902eafc8c4c40bfe450a4b784b21d5eb2e30d7be93129e4c6731c6d0980,2024-04-11T01:25:55.733000
CVE-2024-32028,0,0,a16d36bcfaa5cccbb6282aecd03e18b80c66f8151e3c2f08a8edd43b521f9227,2024-04-15T13:15:31.997000
CVE-2024-3203,0,0,d460cfbc8661b4424cc0984f526a676bb0961256fc9d04a7d500e89187029830,2024-04-11T01:25:55.810000
CVE-2024-32035,0,0,9bec368ed775ea2c2325e16c119aee861a74a3bdc44a94205bd7faf4ab51a339,2024-04-15T20:15:11.323000
CVE-2024-32036,0,0,df5f08576bba4e182cd58915d2f2a50735513c2cc38a6d49e53de73f8c35dd97,2024-04-15T20:15:11.543000
CVE-2024-32035,0,1,9f9419e7b7ca688ca6c807b99c4196d3fdd26d305c290e1d723cf412a79167b9,2024-04-16T13:24:07.103000
CVE-2024-32036,0,1,4a28eed34131a66065884f39d47aa96bc9541fc1a77da7e49e948a27d72c97a5,2024-04-16T13:24:07.103000
CVE-2024-3204,0,0,2a2a133d829052d72380a6f7a45e32f6ecd96ec6da65fdbadcbe92a1f79d774f,2024-04-11T01:25:55.933000
CVE-2024-3205,0,0,befb48df2bb5e20af3b4383c1ef82865b9f9fb3145e096ffb7e0098ff096b4f8,2024-04-11T01:25:56.010000
CVE-2024-3207,0,0,a57734da301192d6a9381ac71eef9bc84e6acf70886d5628a9c0939255320fc2,2024-04-11T01:25:56.090000
@ -245440,6 +245441,7 @@ CVE-2024-3227,0,0,0159675aa02206c3d84e4c8df37fb1381a8ad1f04bbe993fe609d30c45518b
CVE-2024-3235,0,0,87b194ac57d76e3164f790cf262b7f15e5577bfab72d12fd067ebb5070eb75e0,2024-04-10T13:23:38.787000
CVE-2024-32428,0,0,87a3edde2c4b0ace5bed90e6337013a3436ae0c663c6eeed3dbaf59e4e702dff,2024-04-15T13:15:31.997000
CVE-2024-32429,0,0,eb5275541e0171326bf869e836661a3d04172e6e7d4adfaa9657297147332796,2024-04-15T13:15:31.997000
CVE-2024-3243,1,1,8f01690254ba62906be5fee30c8fc3486093d8171fddd0c70c76e4ba1599665b,2024-04-16T13:24:07.103000
CVE-2024-32430,0,0,88606950387919732cc8111790acc49a4b4cd7f2749250708f365450599b1d96,2024-04-15T13:15:31.997000
CVE-2024-32431,0,0,b6e07f3c6860f7196adf7b013d7b424e7a703b915974277afd841cb14a5b76f7,2024-04-15T13:15:31.997000
CVE-2024-32433,0,0,118095d9326fab7b70b1b646ed4f60dbb4d560ae8eb3981c82b443bda7c2db21,2024-04-15T13:15:31.997000
@ -245476,21 +245478,21 @@ CVE-2024-3252,0,0,7630116ae9073f2e5d7cd4b93bdf2c972c8300b99dc958745f8e88d8918900
CVE-2024-3253,0,0,a89395a86bc1f3d0502eefe9b40617582319cee720c39b4f0673a8e71a372db0,2024-04-11T01:25:57.123000
CVE-2024-3254,0,0,617ba79a83e46c73763bd8b8a758bd9d10779693c35077d31661917bc60e7dc6,2024-04-11T01:25:57.197000
CVE-2024-3255,0,0,904fbc57ab93b7669a1ad2e0d7bc935ea8e0a09d4be39b643e0cf95a488528d5,2024-04-11T01:25:57.280000
CVE-2024-32557,0,0,99e90e35c2efbc94735e5cb7ee52f44cdf803807734a27e496f2acc44f494a96,2024-04-16T07:15:12.030000
CVE-2024-32557,0,1,a0d48866dc85bb81bf860dbf507dd0114438e0c1a5f7430be94c87993736426b,2024-04-16T13:24:07.103000
CVE-2024-3256,0,0,16875209444216c7ddeeb37cb7b039ce17b63ab170d52bcb48aafa2d5e629841,2024-04-11T01:25:57.377000
CVE-2024-3257,0,0,3c0b711c0035bcf8d4b92bcec7dfdb1ab21cf5c848bdfe1dfc7f34628ee0f77e,2024-04-11T01:25:57.457000
CVE-2024-3258,0,0,00a0a017c084aafa026269300c69a9360444c24c6a4308e5e8f072ac33cf3451,2024-04-11T01:25:57.540000
CVE-2024-3259,0,0,3481f546c5fee878032df1d9aae401834d514bd5070dbdd69c5e7940d2e2efbe,2024-04-11T01:25:57.637000
CVE-2024-3262,0,0,758c253f08a1135a2d383be61db9b8d36970b2087c7788f9321bc534b0b4222c,2024-04-04T12:48:22.650000
CVE-2024-32625,0,0,6ae31424e57ebf19df10ef9f0d397f95a21de03ae69a3936024e0ae0f3ef8656,2024-04-16T09:15:07.167000
CVE-2024-32631,0,0,c592bdbcbfc2772933c5b9e21c42c92f25f1fc80d39535db3731c4467c78975f,2024-04-16T09:15:07.900000
CVE-2024-32632,0,0,05372bd3bdb0ea0b51850790d21bd07a89a999837658551e32a4bf9ad63d10d2,2024-04-16T09:15:08.080000
CVE-2024-32633,0,0,d134eed6306e82e5b46ac7a6b78b669c073a4cfad4fcbf1820c3b073efe56eaa,2024-04-16T09:15:08.260000
CVE-2024-32634,0,0,db19ea124e4e28674d4665d36c4145a89847829847fa7a82241d8c0b86b56e3e,2024-04-16T09:15:08.460000
CVE-2024-32625,0,1,83e118a0392b3bec4594db5d969d72238cd7025e3075e1bbd62c95f93a226798,2024-04-16T13:24:07.103000
CVE-2024-32631,0,1,f6179c4a1916a92ef208430456218c10bd0600c556ab5afe50d23115ed2f9700,2024-04-16T13:24:07.103000
CVE-2024-32632,0,1,363f256990a9e0bbc1d5ebda216d881268683761016a5132b054fbdb44080942,2024-04-16T13:24:07.103000
CVE-2024-32633,0,1,8ac8ce6a1ac201ef8dc36e7fab192ecb8b1b583d781df940a83a5707e31555c1,2024-04-16T13:24:07.103000
CVE-2024-32634,0,1,399e2bba8e548c1c98770d2f478e96e69a60afbc020788dd69a365e3ae504be6,2024-04-16T13:24:07.103000
CVE-2024-3266,0,0,254a5ba127b10ac48f062b62dbe4c90ef51eaba1ed741161e5a22416cbb32240,2024-04-10T13:23:38.787000
CVE-2024-3267,0,0,00a210ede7a73ca33b64d3b8a0e382509d5bafa34ae84022125b180763aee2bd,2024-04-10T13:23:38.787000
CVE-2024-3270,0,0,6f3801d6fa573f4a130c8a1ad393f7345008a6cf48547c2d9608d260a00cb3bb,2024-04-11T01:25:57.753000
CVE-2024-3271,0,0,76438e2f8d3cc7e838cb6fb60d4bbfb9f64ca2c357ceb01131cf51195507cc3b,2024-04-16T00:15:12.017000
CVE-2024-3271,0,1,427448d66ebe59002a93ad233a5fbd2b2253db3687d924fc6f5652a183f66ed0,2024-04-16T13:24:07.103000
CVE-2024-3272,0,0,ef44e7e2e0d0ab3ec436a6ccc174b0a90f543a9a2cfa65f7a6d262da6c5446ee,2024-04-15T20:14:55.570000
CVE-2024-3273,0,0,2c9bd6b2b67818472adec2002fc02ad46426a066a40e52d2a8dbeb776c880650,2024-04-15T20:13:57.290000
CVE-2024-3274,0,0,21270603d98a8b3e4eb735d32ed5791b575a3fe053daf1cd79027e90bad6bb12,2024-04-11T01:25:57.997000
@ -245530,6 +245532,7 @@ CVE-2024-3363,0,0,f5bcc8af5a66d22a73abe7e86b636154362f284983c790b03385b20aa4737c
CVE-2024-3364,0,0,2986dc00429f74e0e2572cb8153933c26e825f7eed092370bca7e4ac84ee4fdf,2024-04-11T01:26:00.090000
CVE-2024-3365,0,0,64a2e531185071bb7e6b7a9cf067546b0c6c5f700f703a6639ecd4e081a3dcb7,2024-04-11T01:26:00.170000
CVE-2024-3366,0,0,641beaaa3f9fd7d2de3006c0b03aadadafd130dcdab91419774c604b06cf9b30,2024-04-11T01:26:00.240000
CVE-2024-3367,1,1,3ba4de06f1dcd38725d1a91da6fef7a40e2593564238016c31dbef705dc719fe,2024-04-16T13:24:07.103000
CVE-2024-3369,0,0,943fbc9826beb11428b980e60e48ec152ecf5fda97b5d1c26bb0e96c030079eb,2024-04-11T01:26:00.317000
CVE-2024-3376,0,0,f944ee3af49afac066405b13bcc14ad1a3aba304f57c015d653c31ce71a21bf1,2024-04-11T01:26:00.397000
CVE-2024-3377,0,0,4f5c5a9a0c925d4c25c7e7a8167aad399bf59289271bce69d10c801ec2848ece,2024-04-11T01:26:00.473000
@ -245583,7 +245586,7 @@ CVE-2024-3463,0,0,f35096c01e521c580de90ee225d8b67562638ead2824e5fc7702bc6c9f4524
CVE-2024-3464,0,0,0c53100717f2f28c54c57fbaaef472d29e3cb0ff81ebf61eb104a899922afe93,2024-04-11T01:26:03.617000
CVE-2024-3465,0,0,a42aecf57f43969ec60c90b90013ebe0e449783aa33103b39be184486d2b2ca9,2024-04-11T01:26:03.697000
CVE-2024-3466,0,0,06b3d0b5c629cfcd72994ab03bcc3d914522a60f9b439b6d13775db50704418a,2024-04-11T01:26:03.777000
CVE-2024-3493,0,0,cb3f15d7bf387c6ecf4c1a213ffbd02f3ce0629b64ab65397aecec58cab5e8fd,2024-04-15T22:15:09.073000
CVE-2024-3493,0,1,63ead7e160b6b2cbd834dd6075f87d345af3361e8d55520f11e81a53e2086aaa,2024-04-16T13:24:07.103000
CVE-2024-3505,0,0,d46d6b7d35449c168e9ff66f3c93f973f2e1e579109b94b88c63ad7baac2b7b8,2024-04-15T13:15:31.997000
CVE-2024-3512,0,0,0bde0dc5c2508608f7df2e92075f3b315e69961d5bc617a9cf046c486aab6ef4,2024-04-10T13:23:38.787000
CVE-2024-3514,0,0,6b760aa2049aa25a8d1a8a27afd68abe75f99cb1cc8192949aefe4b5db8f51ce,2024-04-10T13:23:38.787000
@ -245617,11 +245620,11 @@ CVE-2024-3567,0,0,95d4f85888c7c90830bdb6bbe6ab9e66d33c542ba2d85efb396aaa8b077bff
CVE-2024-3568,0,0,573133d2a7191a46b0975280ef7162f7787321191e0ad33f2c4c70c7e8d9c3f5,2024-04-10T19:49:51.183000
CVE-2024-3569,0,0,1713859ca5226d02b2325e4195882c2c405d5fa4ce56952eae5e58bc3dad6bde,2024-04-10T19:49:51.183000
CVE-2024-3570,0,0,df44050a6262c2969e286478660750960763247b24187b06070fe7dd6b9e3002,2024-04-10T19:49:51.183000
CVE-2024-3571,0,0,8ad904b667a08a34c3cc276fb47e0aa2a84854909d3ac50102363a55fcb62ffc,2024-04-16T00:15:12.203000
CVE-2024-3572,0,0,2e31e79b59b80d8503d35d945c3ac4553242f3247db1c8ff95f6ae601102aafa,2024-04-16T00:15:12.387000
CVE-2024-3573,0,0,8f352a0d6665a5c4421ae000ecc1bb2d502c553cc47176eaaf693bac084d7415,2024-04-16T00:15:12.570000
CVE-2024-3574,0,0,d59a5bbdd7fabd574c816c3f0aa3b0b0f901212e7f4ae08d62e5e8b97b1437fa,2024-04-16T00:15:12.750000
CVE-2024-3575,0,0,faaf4112382e43c12f83ed2e93f6678d4c9ad6a7c5594fc3bb5d909b71a8846e,2024-04-16T00:15:12.930000
CVE-2024-3571,0,1,69cf6aaba9ed550ce2e1f492d0ecd149e8d5cd4d3ef343f36ac06a714698dced,2024-04-16T13:24:07.103000
CVE-2024-3572,0,1,fac7085e464e1d98d017bfc9635e53b969d9f55d28ae04030a557f0ab1b04301,2024-04-16T13:24:07.103000
CVE-2024-3573,0,1,f978306925f93ca64332932b6f5a09fb648fa8e8ad9d4b00bd427fd81ec82478,2024-04-16T13:24:07.103000
CVE-2024-3574,0,1,a6cc99c8a389ea7db1c37fe05b40106752b73810cdac85caab18aeb26d6bc576,2024-04-16T13:24:07.103000
CVE-2024-3575,0,1,59be73eca5c53cbbcf99414bd65c6b74b4dff22ff5983c2d091439c46f610b22,2024-04-16T13:24:07.103000
CVE-2024-3612,0,0,e0d19b8169faa543fe07df31c32af820c3a5ced7fa57ca7287705d9232ae4829,2024-04-11T12:47:44.137000
CVE-2024-3613,0,0,a614d408e2c081a95a02143aaf10401b031bc93c1ffc8d948d650496e0fce6ef,2024-04-11T12:47:44.137000
CVE-2024-3614,0,0,880d074aab9025081ce04d1528b9be7ca3f1ab52d453f94e3fadd54af8dcf90d,2024-04-11T12:47:44.137000
@ -245633,6 +245636,7 @@ CVE-2024-3620,0,0,a7eeb1bc049879e174341aab349252fb94be8452f8b1f4ee171cd19f6ef0b1
CVE-2024-3621,0,0,84afe5bfc8ac11b311e81571bedd8fcb4ae60929cf687215eae135d692582687,2024-04-11T12:47:44.137000
CVE-2024-3652,0,0,a467de8b64f8147acdef48edc35752a89afb7d5856e17302ea9c57335ed0f61c,2024-04-11T12:47:44.137000
CVE-2024-3662,0,0,aac492e0cb08799a7f888c46af5bedb595fa2e9ad6dc15c21be50e9dae70066e,2024-04-15T13:15:31.997000
CVE-2024-3672,1,1,fc59637194f03e01166014d3ffdbdd60026f81fcc60e1be7e1a44771d8c5fa2c,2024-04-16T13:24:07.103000
CVE-2024-3685,0,0,2d04d41485feb8a52bd1142022b18bc3f24805efb219d419e0508c4773991260,2024-04-15T13:15:51.577000
CVE-2024-3686,0,0,811bcae5db0f32a24e5b10c51fcb2c5c47ac8ca123d5e8befb2d943ee92f7589,2024-04-15T13:15:51.577000
CVE-2024-3687,0,0,1ba165d27b4f9420e3a17f611b0c9be5bd2e7e99fa19b9ae9000a76cef0ac680,2024-04-15T13:15:51.577000
@ -245683,8 +245687,9 @@ CVE-2024-3785,0,0,fc93f2e321d044bf7a0ccc45f351722880d9f0bf94368b28b702ab59c5cb31
CVE-2024-3786,0,0,e7dff42d10ea5f51aefb5b7728f1b7d65e7bf6f944a436f82b5cbbe6bdc82c9e,2024-04-15T19:12:25.887000
CVE-2024-3797,0,0,a49e1c5a734d1a2c1373957f16247491a1198771bf616ee0ff20957d954e73a9,2024-04-15T19:12:25.887000
CVE-2024-3802,0,0,5395fe7b87f4e5ca6c4397aa1001686137daab009656e2126daa68d47ebdf7e9,2024-04-15T13:15:31.997000
CVE-2024-3803,0,0,e342744bdc63b2a58af5ae5f41d9fba8f25773aaa2122f6f6004758c91257faa,2024-04-15T19:15:10
CVE-2024-3804,0,0,6ace1efb8bc58a0cdfa38459a30729bdc6bb242e239104ec2cc37d4346ad9b8c,2024-04-15T20:15:11.750000
CVE-2024-3867,1,1,9365023e7046cccde2d6f750559a305b9768185a579e3ff0755c60b213cb54a7,2024-04-16T10:15:08.163000
CVE-2024-3871,0,0,18fc33d03a275f960d5f9bbc78c875c2a58019ec3cf90aaff1327d511a536180,2024-04-16T09:15:08.630000
CVE-2024-3872,0,0,ee46564a57b49a4537f1de538de5bb50bf0a5bdc7548545714dfac0afa8938fc,2024-04-16T09:15:08.817000
CVE-2024-3803,0,1,5839bf1f5fc97242d8c9adb88b40fa5013a07555baee205c3d9bec592a883085,2024-04-16T13:24:07.103000
CVE-2024-3804,0,1,d2c04bcba3b9dcee33d8ad0e898646d48639f7e3e6aed11c413cf03cea6afbe3,2024-04-16T13:24:07.103000
CVE-2024-3867,0,1,c3c6e74f2b7b798638e0e4aeec03b4d63f45b0c8e7f67f896543c325678e3e94,2024-04-16T13:24:07.103000
CVE-2024-3869,1,1,d3f1a622954c88625e31670a65b24b2a780d4a1ef9c3ff8af4e909ec0bb991a2,2024-04-16T13:24:07.103000
CVE-2024-3871,0,1,1a2cd663b55080229c1ab7b70d6215741fcbf60f8d0800edd920a4744c6da4d0,2024-04-16T13:24:07.103000
CVE-2024-3872,0,1,1b0df76ddcb9ce5edde75b1c572a6253db6bd37bbe91d1899bdf2bd4ba86a63a,2024-04-16T13:24:07.103000

Can't render this file because it is too large.