From 4baf5a3079281b819c5eb4e2f2d0771f77f6718f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 4 Oct 2024 14:03:27 +0000 Subject: [PATCH] Auto-Update: 2024-10-04T14:00:27.718839+00:00 --- CVE-2018/CVE-2018-26xx/CVE-2018-2628.json | 22 +- CVE-2021/CVE-2021-245xx/CVE-2021-24523.json | 6 +- CVE-2021/CVE-2021-375xx/CVE-2021-37577.json | 8 +- CVE-2023/CVE-2023-276xx/CVE-2023-27631.json | 6 +- CVE-2023/CVE-2023-276xx/CVE-2023-27632.json | 6 +- CVE-2023/CVE-2023-34xx/CVE-2023-3441.json | 4 +- CVE-2023/CVE-2023-378xx/CVE-2023-37822.json | 8 +- CVE-2023/CVE-2023-72xx/CVE-2023-7273.json | 8 +- CVE-2024/CVE-2024-01xx/CVE-2024-0116.json | 8 +- CVE-2024/CVE-2024-01xx/CVE-2024-0123.json | 8 +- CVE-2024/CVE-2024-01xx/CVE-2024-0124.json | 8 +- CVE-2024/CVE-2024-01xx/CVE-2024-0125.json | 8 +- CVE-2024/CVE-2024-203xx/CVE-2024-20365.json | 8 +- CVE-2024/CVE-2024-203xx/CVE-2024-20385.json | 8 +- CVE-2024/CVE-2024-203xx/CVE-2024-20393.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20432.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20438.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20441.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20442.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20444.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20448.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20449.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20470.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20477.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20490.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20491.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20492.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20498.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20499.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20500.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20501.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20502.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20509.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20513.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20515.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20516.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20517.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20518.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20519.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20520.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20521.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20522.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20523.json | 8 +- CVE-2024/CVE-2024-205xx/CVE-2024-20524.json | 8 +- CVE-2024/CVE-2024-214xx/CVE-2024-21489.json | 8 +- CVE-2024/CVE-2024-215xx/CVE-2024-21530.json | 8 +- CVE-2024/CVE-2024-215xx/CVE-2024-21531.json | 8 +- CVE-2024/CVE-2024-241xx/CVE-2024-24116.json | 8 +- CVE-2024/CVE-2024-241xx/CVE-2024-24117.json | 8 +- CVE-2024/CVE-2024-241xx/CVE-2024-24122.json | 8 +- CVE-2024/CVE-2024-255xx/CVE-2024-25590.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25632.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25658.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25659.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25660.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25661.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28807.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28808.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28809.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28810.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28811.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28812.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28813.json | 8 +- CVE-2024/CVE-2024-288xx/CVE-2024-28888.json | 4 +- CVE-2024/CVE-2024-301xx/CVE-2024-30132.json | 8 +- CVE-2024/CVE-2024-30xx/CVE-2024-3056.json | 18 +- CVE-2024/CVE-2024-318xx/CVE-2024-31835.json | 8 +- CVE-2024/CVE-2024-332xx/CVE-2024-33209.json | 8 +- CVE-2024/CVE-2024-332xx/CVE-2024-33210.json | 8 +- CVE-2024/CVE-2024-336xx/CVE-2024-33662.json | 8 +- CVE-2024/CVE-2024-345xx/CVE-2024-34535.json | 8 +- CVE-2024/CVE-2024-352xx/CVE-2024-35293.json | 8 +- CVE-2024/CVE-2024-352xx/CVE-2024-35294.json | 8 +- CVE-2024/CVE-2024-354xx/CVE-2024-35495.json | 8 +- CVE-2024/CVE-2024-364xx/CVE-2024-36474.json | 8 +- CVE-2024/CVE-2024-397xx/CVE-2024-39755.json | 8 +- CVE-2024/CVE-2024-39xx/CVE-2024-3944.json | 54 +- CVE-2024/CVE-2024-411xx/CVE-2024-41163.json | 8 +- CVE-2024/CVE-2024-412xx/CVE-2024-41276.json | 8 +- CVE-2024/CVE-2024-412xx/CVE-2024-41290.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41583.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41584.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41585.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41586.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41587.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41588.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41589.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41590.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41591.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41592.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41593.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41594.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41595.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41596.json | 8 +- CVE-2024/CVE-2024-416xx/CVE-2024-41673.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41922.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41925.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41987.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41988.json | 8 +- CVE-2024/CVE-2024-420xx/CVE-2024-42017.json | 8 +- CVE-2024/CVE-2024-424xx/CVE-2024-42415.json | 8 +- CVE-2024/CVE-2024-424xx/CVE-2024-42417.json | 8 +- CVE-2024/CVE-2024-425xx/CVE-2024-42504.json | 8 +- CVE-2024/CVE-2024-425xx/CVE-2024-42514.json | 4 +- CVE-2024/CVE-2024-436xx/CVE-2024-43699.json | 8 +- CVE-2024/CVE-2024-437xx/CVE-2024-43795.json | 8 +- CVE-2024/CVE-2024-439xx/CVE-2024-43986.json | 47 +- CVE-2024/CVE-2024-440xx/CVE-2024-44017.json | 8 +- CVE-2024/CVE-2024-440xx/CVE-2024-44030.json | 8 +- CVE-2024/CVE-2024-440xx/CVE-2024-44097.json | 8 +- CVE-2024/CVE-2024-441xx/CVE-2024-44193.json | 4 +- CVE-2024/CVE-2024-442xx/CVE-2024-44204.json | 8 +- CVE-2024/CVE-2024-442xx/CVE-2024-44207.json | 8 +- CVE-2024/CVE-2024-446xx/CVE-2024-44610.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44744.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45073.json | 8 +- CVE-2024/CVE-2024-451xx/CVE-2024-45186.json | 4 +- CVE-2024/CVE-2024-453xx/CVE-2024-45367.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45408.json | 8 +- CVE-2024/CVE-2024-455xx/CVE-2024-45519.json | 4 +- CVE-2024/CVE-2024-457xx/CVE-2024-45772.json | 60 +- CVE-2024/CVE-2024-457xx/CVE-2024-45792.json | 8 +- CVE-2024/CVE-2024-458xx/CVE-2024-45870.json | 8 +- CVE-2024/CVE-2024-458xx/CVE-2024-45871.json | 8 +- CVE-2024/CVE-2024-458xx/CVE-2024-45872.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45920.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45960.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45962.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45964.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45965.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45967.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45993.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45999.json | 8 +- CVE-2024/CVE-2024-460xx/CVE-2024-46079.json | 8 +- CVE-2024/CVE-2024-460xx/CVE-2024-46080.json | 4 +- CVE-2024/CVE-2024-460xx/CVE-2024-46081.json | 8 +- CVE-2024/CVE-2024-460xx/CVE-2024-46082.json | 4 +- CVE-2024/CVE-2024-460xx/CVE-2024-46083.json | 8 +- CVE-2024/CVE-2024-460xx/CVE-2024-46084.json | 4 +- CVE-2024/CVE-2024-462xx/CVE-2024-46258.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46259.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46261.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46263.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46264.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46267.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46274.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46276.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46280.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46293.json | 8 +- CVE-2024/CVE-2024-463xx/CVE-2024-46313.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46475.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46503.json | 4 +- CVE-2024/CVE-2024-465xx/CVE-2024-46510.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46511.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46540.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46548.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46549.json | 8 +- CVE-2024/CVE-2024-466xx/CVE-2024-46626.json | 8 +- CVE-2024/CVE-2024-466xx/CVE-2024-46635.json | 8 +- CVE-2024/CVE-2024-466xx/CVE-2024-46658.json | 8 +- CVE-2024/CVE-2024-468xx/CVE-2024-46869.json | 8 +- CVE-2024/CVE-2024-469xx/CVE-2024-46977.json | 8 +- CVE-2024/CVE-2024-470xx/CVE-2024-47063.json | 8 +- CVE-2024/CVE-2024-470xx/CVE-2024-47064.json | 8 +- CVE-2024/CVE-2024-470xx/CVE-2024-47067.json | 8 +- CVE-2024/CVE-2024-470xx/CVE-2024-47071.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47134.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47135.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47136.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47172.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47178.json | 8 +- CVE-2024/CVE-2024-472xx/CVE-2024-47295.json | 4 +- CVE-2024/CVE-2024-473xx/CVE-2024-47396.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47523.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47524.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47525.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47526.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47527.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47528.json | 4 +- CVE-2024/CVE-2024-475xx/CVE-2024-47529.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47530.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47531.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47532.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47534.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47536.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47554.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47560.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47561.json | 4 +- CVE-2024/CVE-2024-476xx/CVE-2024-47604.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47608.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47609.json | 4 +- CVE-2024/CVE-2024-476xx/CVE-2024-47611.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47612.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47614.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47616.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47617.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47618.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47641.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47651.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47652.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47653.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47654.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47655.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47656.json | 78 +++ CVE-2024/CVE-2024-476xx/CVE-2024-47657.json | 78 +++ CVE-2024/CVE-2024-477xx/CVE-2024-47762.json | 8 +- CVE-2024/CVE-2024-477xx/CVE-2024-47789.json | 78 +++ CVE-2024/CVE-2024-477xx/CVE-2024-47790.json | 78 +++ CVE-2024/CVE-2024-478xx/CVE-2024-47803.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47804.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47805.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47806.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47807.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47850.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47854.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47855.json | 8 +- CVE-2024/CVE-2024-58xx/CVE-2024-5803.json | 8 +- CVE-2024/CVE-2024-58xx/CVE-2024-5857.json | 54 +- CVE-2024/CVE-2024-58xx/CVE-2024-5891.json | 16 +- CVE-2024/CVE-2024-59xx/CVE-2024-5987.json | 54 +- CVE-2024/CVE-2024-60xx/CVE-2024-6051.json | 8 +- CVE-2024/CVE-2024-63xx/CVE-2024-6360.json | 8 +- CVE-2024/CVE-2024-64xx/CVE-2024-6400.json | 86 +++ CVE-2024/CVE-2024-64xx/CVE-2024-6442.json | 8 +- CVE-2024/CVE-2024-64xx/CVE-2024-6443.json | 8 +- CVE-2024/CVE-2024-64xx/CVE-2024-6444.json | 8 +- CVE-2024/CVE-2024-73xx/CVE-2024-7315.json | 4 +- CVE-2024/CVE-2024-73xx/CVE-2024-7341.json | 12 +- CVE-2024/CVE-2024-74xx/CVE-2024-7432.json | 8 +- CVE-2024/CVE-2024-74xx/CVE-2024-7433.json | 8 +- CVE-2024/CVE-2024-74xx/CVE-2024-7434.json | 8 +- CVE-2024/CVE-2024-75xx/CVE-2024-7558.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7670.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7671.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7672.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7673.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7674.json | 8 +- CVE-2024/CVE-2024-76xx/CVE-2024-7675.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7824.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7825.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7826.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7855.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7869.json | 8 +- CVE-2024/CVE-2024-80xx/CVE-2024-8037.json | 8 +- CVE-2024/CVE-2024-80xx/CVE-2024-8038.json | 8 +- CVE-2024/CVE-2024-81xx/CVE-2024-8107.json | 8 +- CVE-2024/CVE-2024-81xx/CVE-2024-8159.json | 8 +- CVE-2024/CVE-2024-82xx/CVE-2024-8254.json | 4 +- CVE-2024/CVE-2024-82xx/CVE-2024-8282.json | 8 +- CVE-2024/CVE-2024-82xx/CVE-2024-8288.json | 8 +- CVE-2024/CVE-2024-83xx/CVE-2024-8324.json | 8 +- CVE-2024/CVE-2024-83xx/CVE-2024-8352.json | 8 +- CVE-2024/CVE-2024-84xx/CVE-2024-8421.json | 8 +- CVE-2024/CVE-2024-84xx/CVE-2024-8430.json | 8 +- CVE-2024/CVE-2024-84xx/CVE-2024-8499.json | 64 ++ CVE-2024/CVE-2024-85xx/CVE-2024-8505.json | 8 +- CVE-2024/CVE-2024-85xx/CVE-2024-8508.json | 8 +- CVE-2024/CVE-2024-85xx/CVE-2024-8519.json | 8 +- CVE-2024/CVE-2024-85xx/CVE-2024-8520.json | 8 +- CVE-2024/CVE-2024-85xx/CVE-2024-8548.json | 8 +- CVE-2024/CVE-2024-86xx/CVE-2024-8632.json | 8 +- CVE-2024/CVE-2024-86xx/CVE-2024-8675.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8718.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8720.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8727.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8728.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8733.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8786.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8793.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8799.json | 8 +- CVE-2024/CVE-2024-88xx/CVE-2024-8800.json | 4 +- CVE-2024/CVE-2024-88xx/CVE-2024-8802.json | 8 +- CVE-2024/CVE-2024-88xx/CVE-2024-8804.json | 8 +- CVE-2024/CVE-2024-88xx/CVE-2024-8885.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8967.json | 4 +- CVE-2024/CVE-2024-89xx/CVE-2024-8981.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8989.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8990.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9018.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9060.json | 4 +- CVE-2024/CVE-2024-90xx/CVE-2024-9071.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9100.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9106.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9108.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9118.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9119.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9145.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9158.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9172.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9174.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9194.json | 4 +- CVE-2024/CVE-2024-92xx/CVE-2024-9204.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9209.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9210.json | 4 +- CVE-2024/CVE-2024-92xx/CVE-2024-9218.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9220.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9222.json | 4 +- CVE-2024/CVE-2024-92xx/CVE-2024-9224.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9225.json | 4 +- CVE-2024/CVE-2024-92xx/CVE-2024-9228.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9237.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9241.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9242.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9265.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9266.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9267.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9269.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9271.json | 4 +- CVE-2024/CVE-2024-92xx/CVE-2024-9272.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9274.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9279.json | 67 +- CVE-2024/CVE-2024-92xx/CVE-2024-9289.json | 4 +- CVE-2024/CVE-2024-93xx/CVE-2024-9304.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9306.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9313.json | 4 +- CVE-2024/CVE-2024-93xx/CVE-2024-9333.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9341.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9344.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9345.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9349.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9353.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9355.json | 4 +- CVE-2024/CVE-2024-93xx/CVE-2024-9358.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9359.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9360.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9368.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9372.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9375.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9378.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9384.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9391.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9392.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9393.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9394.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9395.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9396.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9397.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9398.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9399.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9400.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9401.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9402.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9403.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9405.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9407.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9411.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9421.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9423.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9429.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9435.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9440.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9441.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9445.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9460.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9481.json | 56 ++ CVE-2024/CVE-2024-94xx/CVE-2024-9482.json | 56 ++ CVE-2024/CVE-2024-94xx/CVE-2024-9483.json | 56 ++ CVE-2024/CVE-2024-94xx/CVE-2024-9484.json | 56 ++ CVE-2024/CVE-2024-95xx/CVE-2024-9513.json | 133 ++++ README.md | 53 +- _state.csv | 702 ++++++++++---------- 361 files changed, 3822 insertions(+), 1080 deletions(-) create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47651.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47652.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47653.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47654.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47655.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47656.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47657.json create mode 100644 CVE-2024/CVE-2024-477xx/CVE-2024-47789.json create mode 100644 CVE-2024/CVE-2024-477xx/CVE-2024-47790.json create mode 100644 CVE-2024/CVE-2024-64xx/CVE-2024-6400.json create mode 100644 CVE-2024/CVE-2024-84xx/CVE-2024-8499.json create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9481.json create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9482.json create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9483.json create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9484.json create mode 100644 CVE-2024/CVE-2024-95xx/CVE-2024-9513.json diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2628.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2628.json index 029e12adad4..62f7071c24e 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2628.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2628.json @@ -2,8 +2,8 @@ "id": "CVE-2018-2628", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-04-19T02:29:00.457", - "lastModified": "2024-10-03T19:35:01.060", - "vulnStatus": "Modified", + "lastModified": "2024-10-04T13:35:26.863", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2022-09-08", "cisaActionDue": "2022-09-29", @@ -22,8 +22,8 @@ "metrics": { "cvssMetricV31": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", @@ -40,15 +40,13 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 - } - ], - "cvssMetricV30": [ + }, { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -157,6 +155,7 @@ "url": "http://www.securityfocus.com/bid/103776", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -165,6 +164,7 @@ "url": "http://www.securitytracker.com/id/1040696", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2021/CVE-2021-245xx/CVE-2021-24523.json b/CVE-2021/CVE-2021-245xx/CVE-2021-24523.json index 0366cdf8ad5..08e8a558cb7 100644 --- a/CVE-2021/CVE-2021-245xx/CVE-2021-24523.json +++ b/CVE-2021/CVE-2021-245xx/CVE-2021-24523.json @@ -2,7 +2,7 @@ "id": "CVE-2021-24523", "sourceIdentifier": "contact@wpscan.com", "published": "2021-09-13T18:15:16.077", - "lastModified": "2021-09-23T12:46:11.887", + "lastModified": "2024-10-04T12:53:24.000", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:mmrs151:daily_prayer_time:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2021.08.10", - "matchCriteriaId": "4E60B610-4059-4272-8C86-1EAF2673EDF5" + "matchCriteriaId": "779AB1FD-D2FA-49E8-871D-0F5E1C875779" } ] } diff --git a/CVE-2021/CVE-2021-375xx/CVE-2021-37577.json b/CVE-2021/CVE-2021-375xx/CVE-2021-37577.json index 85e2c819deb..3b742af0807 100644 --- a/CVE-2021/CVE-2021-375xx/CVE-2021-37577.json +++ b/CVE-2021/CVE-2021-375xx/CVE-2021-37577.json @@ -2,13 +2,17 @@ "id": "CVE-2021-37577", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T15:15:06.423", - "lastModified": "2024-10-01T15:15:06.423", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple Pairing using the Passkey entry protocol in Bluetooth Core Specifications 2.1 through 5.3 may permit an unauthenticated man-in-the-middle attacker to identify the Passkey used during pairing by reflection of a crafted public key with the same X coordinate as the offered public key and by reflection of the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. This is a related issue to CVE-2020-26558." + }, + { + "lang": "es", + "value": "El emparejamiento de conexiones seguras de Bluetooth LE y BR/EDR y el emparejamiento simple seguro mediante el protocolo de entrada de clave de acceso en las especificaciones b\u00e1sicas de Bluetooth 2.1 a 5.3 pueden permitir que un atacante intermediario no autenticado identifique la clave de acceso utilizada durante el emparejamiento mediante el reflejo de una clave p\u00fablica manipulada con la misma coordenada X que la clave p\u00fablica ofrecida y mediante el reflejo de la evidencia de autenticaci\u00f3n del dispositivo iniciador, lo que potencialmente permite que este atacante complete el emparejamiento autenticado con el dispositivo que responde utilizando la clave de acceso correcta para la sesi\u00f3n de emparejamiento. Este es un problema relacionado con CVE-2020-26558." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-276xx/CVE-2023-27631.json b/CVE-2023/CVE-2023-276xx/CVE-2023-27631.json index 344b923586e..578f9bfb85e 100644 --- a/CVE-2023/CVE-2023-276xx/CVE-2023-27631.json +++ b/CVE-2023/CVE-2023-276xx/CVE-2023-27631.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27631", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-22T08:15:09.433", - "lastModified": "2023-06-28T03:27:49.077", + "lastModified": "2024-10-04T12:53:24.000", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -76,9 +76,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:mmrs151:daily_prayer_time:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "2023.05.04", - "matchCriteriaId": "08D775FF-51F3-496D-9FC9-AFE735D81283" + "matchCriteriaId": "DE6D830B-76BE-49B6-886C-EBD090F79711" } ] } diff --git a/CVE-2023/CVE-2023-276xx/CVE-2023-27632.json b/CVE-2023/CVE-2023-276xx/CVE-2023-27632.json index 3d86540b1a9..563903f6006 100644 --- a/CVE-2023/CVE-2023-276xx/CVE-2023-27632.json +++ b/CVE-2023/CVE-2023-276xx/CVE-2023-27632.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27632", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T23:15:09.093", - "lastModified": "2023-11-17T19:29:14.953", + "lastModified": "2024-10-04T12:53:24.000", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:mmrs151:daily_prayer_time:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "2023.03.08", - "matchCriteriaId": "6F83BED9-7397-49D2-9AD9-38679A7A703E" + "matchCriteriaId": "57FB17EF-A4F0-4D13-BF8E-1065BBDD3214" } ] } diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3441.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3441.json index 669e2e84325..f6fdb870c58 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3441.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3441.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3441", "sourceIdentifier": "cve@gitlab.com", "published": "2024-10-01T10:15:02.997", - "lastModified": "2024-10-01T10:15:02.997", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2023/CVE-2023-378xx/CVE-2023-37822.json b/CVE-2023/CVE-2023-378xx/CVE-2023-37822.json index e267f1147f4..9dcc1ca0807 100644 --- a/CVE-2023/CVE-2023-378xx/CVE-2023-37822.json +++ b/CVE-2023/CVE-2023-378xx/CVE-2023-37822.json @@ -2,13 +2,17 @@ "id": "CVE-2023-37822", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T18:15:04.443", - "lastModified": "2024-10-03T18:15:04.443", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol WPA2-PSK." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Eufy HomeBase 2 modelo T8010X v3.2.8.3h utiliza el protocolo inal\u00e1mbrico obsoleto WPA2-PSK." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7273.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7273.json index e6adbf0e1eb..04c4d9ff696 100644 --- a/CVE-2023/CVE-2023-72xx/CVE-2023-7273.json +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7273.json @@ -2,13 +2,17 @@ "id": "CVE-2023-7273", "sourceIdentifier": "a341c0d1-ebf7-493f-a84e-38cf86618674", "published": "2024-10-01T13:15:02.463", - "lastModified": "2024-10-01T13:15:02.463", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests.\nIf a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning that the existing CSRF check is bypassed in this case. An attacker can, for example, create a new administrator account if the request is executed in the browser of an authenticated victim." + }, + { + "lang": "es", + "value": "Cross site request forgery en Kiteworks OwnCloud permite que un atacante no autenticado falsifique solicitudes. Si una solicitud no tiene un encabezado de autorizaci\u00f3n, se crea con una cadena vac\u00eda como valor mediante una regla de reescritura. La comprobaci\u00f3n CSRF se realiza comparando el valor del encabezado con un valor nulo, lo que significa que en este caso se omite la comprobaci\u00f3n CSRF existente. Un atacante puede, por ejemplo, crear una nueva cuenta de administrador si la solicitud se ejecuta en el navegador de una v\u00edctima autenticada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0116.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0116.json index f6447e0daaa..3f42e36ed0b 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0116.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0116.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0116", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-10-01T05:15:11.920", - "lastModified": "2024-10-01T05:15:11.920", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service." + }, + { + "lang": "es", + "value": "NVIDIA Triton Inference Server contiene una vulnerabilidad en la que un usuario puede provocar un problema de lectura fuera de los l\u00edmites al liberar una regi\u00f3n de memoria compartida mientras est\u00e1 en uso. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0123.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0123.json index 1b32c34878f..82e5dc1a42c 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0123.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0123.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0123", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-10-03T17:15:14.030", - "lastModified": "2024-10-03T17:15:14.030", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service." + }, + { + "lang": "es", + "value": "El kit de herramientas NVIDIA CUDA para Windows y Linux contiene una vulnerabilidad en la herramienta de l\u00ednea de comandos nvdisasm, que permite a un atacante provocar una validaci\u00f3n incorrecta en la entrada de datos enga\u00f1ando al usuario para que ejecute nvdisasm en un archivo ELF malicioso. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0124.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0124.json index 4e209dd4de9..db65829517c 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0124.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0124.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0124", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-10-03T17:15:14.253", - "lastModified": "2024-10-03T17:15:14.253", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service." + }, + { + "lang": "es", + "value": "NVIDIA CUDA Toolkit para Windows y Linux contiene una vulnerabilidad en la herramienta de l\u00ednea de comandos nvdisam, donde un usuario puede hacer que nvdisasm lea la memoria liberada al ejecutarla en un archivo ELF mal formado. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar una denegaci\u00f3n de servicio limitada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0125.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0125.json index 575a7aab934..e7fbcfa0af4 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0125.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0125.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0125", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-10-03T17:15:14.490", - "lastModified": "2024-10-03T17:15:14.490", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service." + }, + { + "lang": "es", + "value": "NVIDIA CUDA Toolkit para Windows y Linux contiene una vulnerabilidad en la herramienta de l\u00ednea de comandos nvdisam, donde un usuario puede provocar una desreferencia de puntero NULL al ejecutar nvdisasm en un archivo ELF mal formado. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar una denegaci\u00f3n de servicio limitada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-203xx/CVE-2024-20365.json b/CVE-2024/CVE-2024-203xx/CVE-2024-20365.json index 84cbd8e8195..da9794c89f2 100644 --- a/CVE-2024/CVE-2024-203xx/CVE-2024-20365.json +++ b/CVE-2024/CVE-2024-203xx/CVE-2024-20365.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20365", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:14.863", - "lastModified": "2024-10-02T17:15:14.863", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.\r\n\r\nThis vulnerability is due to insufficient input validation. An attacker with administrative privileges could exploit this vulnerability by sending crafted commands through the Redfish API on an affected device. A successful exploit could allow the attacker to elevate privileges to root." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la API Redfish de los servidores Cisco UCS B-Series, Cisco UCS Managed C-Series y Cisco UCS X-Series podr\u00eda permitir que un atacante remoto autenticado con privilegios administrativos realice ataques de inyecci\u00f3n de comandos en un sistema afectado y eleve los privilegios a superusuario. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante con privilegios administrativos podr\u00eda aprovechar esta vulnerabilidad enviando comandos manipulados a trav\u00e9s de la API Redfish en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante elevar los privilegios a superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-203xx/CVE-2024-20385.json b/CVE-2024/CVE-2024-203xx/CVE-2024-20385.json index ca9da736ec3..223bdc87356 100644 --- a/CVE-2024/CVE-2024-203xx/CVE-2024-20385.json +++ b/CVE-2024/CVE-2024-203xx/CVE-2024-20385.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20385", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:15.110", - "lastModified": "2024-10-02T17:15:15.110", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device. \r\n\r\nThis vulnerability exists because the Cisco NDO Validate Peer Certificate site management feature validates the certificates for Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud Network Controller (CNC), and Cisco Nexus Dashboard only when a new site is added or an existing one is reregistered. An attacker could exploit this vulnerability by using machine-in-the-middle techniques to intercept the traffic between the affected device and Cisco NDO and then using a crafted certificate to impersonate the affected device. A successful exploit could allow the attacker to learn sensitive information during communications between these devices." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n de SSL/TLS de Cisco Nexus Dashboard Orchestrator (NDO) podr\u00eda permitir que un atacante remoto no autenticado intercepte informaci\u00f3n confidencial de un dispositivo afectado. Esta vulnerabilidad existe porque la funci\u00f3n de administraci\u00f3n de sitios Validate Peer Certificate de Cisco NDO valida los certificados para Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud Network Controller (CNC) y Cisco Nexus Dashboard solo cuando se agrega un sitio nuevo o se vuelve a registrar uno existente. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante t\u00e9cnicas de m\u00e1quina en el medio para interceptar el tr\u00e1fico entre el dispositivo afectado y Cisco NDO y luego usar un certificado manipulado para hacerse pasar por el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante obtenga informaci\u00f3n confidencial durante las comunicaciones entre estos dispositivos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-203xx/CVE-2024-20393.json b/CVE-2024/CVE-2024-203xx/CVE-2024-20393.json index 3aa7f8cb7a3..e3159cb9fcd 100644 --- a/CVE-2024/CVE-2024-203xx/CVE-2024-20393.json +++ b/CVE-2024/CVE-2024-203xx/CVE-2024-20393.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20393", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:15.337", - "lastModified": "2024-10-02T17:15:15.337", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores VPN Gigabit de doble WAN Cisco Small Business RV340, RV340W, RV345 y RV345P podr\u00eda permitir que un atacante remoto autenticado eleve los privilegios en un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web revela informaci\u00f3n confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante eleve los privilegios de invitado a administrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20432.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20432.json index b81d4cd0361..3fcb13b7602 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20432.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20432.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20432", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:15.550", - "lastModified": "2024-10-02T17:15:15.550", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.\r\n \r\nThis vulnerability is due to improper user authorization and insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted commands to an affected REST API endpoint or through the web UI. A successful exploit could allow the attacker to execute arbitrary commands on the CLI of a Cisco NDFC-managed device with network-admin privileges.\r\n \r\nNote: This vulnerability does not affect Cisco NDFC when it is configured for storage area network (SAN) controller deployment." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la API REST y la interfaz de usuario web de Cisco Nexus Dashboard Fabric Controller (NDFC) podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios realice un ataque de inyecci\u00f3n de comandos contra un dispositivo afectado. Esta vulnerabilidad se debe a una autorizaci\u00f3n de usuario incorrecta y una validaci\u00f3n insuficiente de los argumentos de los comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando comandos manipulados a un endpoint de la API REST afectada o a trav\u00e9s de la interfaz de usuario web. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios en la CLI de un dispositivo administrado por Cisco NDFC con privilegios de administrador de red. Nota: Esta vulnerabilidad no afecta a Cisco NDFC cuando est\u00e1 configurado para la implementaci\u00f3n del controlador de red de \u00e1rea de almacenamiento (SAN)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20438.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20438.json index 919f78e4e9a..294d44b2698 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20438.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20438.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20438", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:15.753", - "lastModified": "2024-10-02T17:15:15.753", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device.\r\n\r\nThis vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited network-admin functions such as reading device configuration information, uploading files, and modifying uploaded files.\r\nNote: This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en los endpoints de la API REST de Cisco NDFC podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios lea o escriba archivos en un dispositivo afectado. Esta vulnerabilidad existe debido a la falta de controles de autorizaci\u00f3n en algunos endpoints de la API REST. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de API manipuladas a un endpoint afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante realice funciones limitadas de administraci\u00f3n de red, como leer informaci\u00f3n de configuraci\u00f3n del dispositivo, cargar archivos y modificar archivos cargados. Nota: Esta vulnerabilidad solo afecta a un subconjunto de endpoints de la API REST y no afecta a la interfaz de administraci\u00f3n basada en web." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20441.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20441.json index cd7c155c662..e90998ac8d7 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20441.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20441.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20441", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:15.967", - "lastModified": "2024-10-02T17:15:15.967", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device.\r\n\r\nThis vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could exploit this vulnerability by sending crafted API requests to the affected endpoint. A successful exploit could allow the attacker to download config only or full backup files and learn sensitive configuration information. This vulnerability only affects a specific REST API endpoint and does not affect the web-based management interface." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en un endpoint de API REST espec\u00edfico de Cisco NDFC podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios obtenga informaci\u00f3n confidencial sobre un dispositivo afectado. Esta vulnerabilidad se debe a controles de autorizaci\u00f3n insuficientes en el endpoint de API REST afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de API manipuladas al endpoint afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante descargue solo archivos de configuraci\u00f3n o de respaldo completo y obtenga informaci\u00f3n de configuraci\u00f3n confidencial. Esta vulnerabilidad solo afecta a un endpoint de API REST espec\u00edfico y no afecta a la interfaz de administraci\u00f3n basada en web." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20442.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20442.json index 5ebb997b0a6..0f068f4a55a 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20442.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20442.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20442", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:16.177", - "lastModified": "2024-10-02T17:15:16.177", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device.\r\n\r\nThis vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions such as viewing portions of the web UI, generating config only or full backup files, and deleting tech support files. This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en los endpoints de la API REST de Cisco Nexus Dashboard podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios realice acciones limitadas de administrador en un dispositivo afectado. Esta vulnerabilidad se debe a controles de autorizaci\u00f3n insuficientes en algunos endpoints de la API REST. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de API manipuladas a un endpoint afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante realice funciones limitadas de administrador, como ver partes de la interfaz de usuario web, generar archivos de configuraci\u00f3n \u00fanicamente o de respaldo completo y eliminar archivos de soporte t\u00e9cnico. Esta vulnerabilidad solo afecta a un subconjunto de endpoints de la API REST y no afecta a la interfaz de administraci\u00f3n basada en web." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20444.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20444.json index f85e3dac150..bb2e7f083ef 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20444.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20444.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20444", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:16.390", - "lastModified": "2024-10-02T17:15:16.390", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device.\r\n \r\nThis vulnerability is due to insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted command arguments to a specific REST API endpoint. A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Nexus Dashboard Fabric Controller (NDFC), anteriormente Cisco Data Center Network Manager (DCNM), podr\u00eda permitir que un atacante remoto autenticado con privilegios de administrador de red realice un ataque de inyecci\u00f3n de comandos contra un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos de los comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando argumentos de comandos manipulados a un endpoint de API REST espec\u00edfico. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos confidenciales o bloquear un contenedor espec\u00edfico, que se reiniciar\u00eda por s\u00ed solo, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS) de bajo impacto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20448.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20448.json index 725c4138632..ddccb859612 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20448.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20448.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20448", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:16.597", - "lastModified": "2024-10-02T17:15:16.597", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information.\r\n\r\nThis vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el software Cisco Nexus Dashboard Fabric Controller (NDFC), anteriormente Cisco Data Center Network Manager (DCNM), podr\u00eda permitir que un atacante con acceso a un archivo de copia de seguridad vea informaci\u00f3n confidencial. Esta vulnerabilidad se debe al almacenamiento inadecuado de informaci\u00f3n confidencial en archivos de copia de seguridad completa y de solo configuraci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad al analizar el contenido de un archivo de copia de seguridad que se genera desde un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a informaci\u00f3n confidencial, incluidas las credenciales del dispositivo conectado a NDFC, la clave privada del administrador del sitio de NDFC y la clave de cifrado del archivo de copia de seguridad programada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20449.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20449.json index 7237ba801e9..65a10f21ada 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20449.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20449.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20449", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:16.820", - "lastModified": "2024-10-02T17:15:16.820", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device.\r\n\r\nThis vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secure Copy Protocol (SCP) to upload malicious code to an affected device using path traversal techniques. A successful exploit could allow the attacker to execute arbitrary code in a specific container with the privileges of root." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Nexus Dashboard Fabric Controller (NDFC) podr\u00eda permitir que un atacante remoto autenticado con privilegios bajos ejecute c\u00f3digo arbitrario en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de ruta incorrecta. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando el Protocolo de copia segura (SCP) para cargar c\u00f3digo malicioso en un dispositivo afectado utilizando t\u00e9cnicas de path traversal. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en un contenedor espec\u00edfico con los privilegios de superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20470.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20470.json index 9fb1cb34350..5dae63de0d5 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20470.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20470.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20470", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.027", - "lastModified": "2024-10-02T20:35:31.370", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit this vulnerability, the attacker must have valid admin credentials.\r\n\r\nThis vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores VPN Gigabit de doble WAN Cisco Small Business RV340, RV340W, RV345 y RV345P podr\u00eda permitir que un atacante remoto autenticado ejecute c\u00f3digo arbitrario en un dispositivo afectado. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales de administrador v\u00e1lidas. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida de manera suficiente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario como usuario ra\u00edz en el sistema operativo subyacente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20477.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20477.json index 15f95f09297..134bde25e53 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20477.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20477.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20477", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.130", - "lastModified": "2024-10-02T17:15:17.130", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device.\r\n\r\nThis vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could exploit this vulnerability by sending crafted API requests to the affected endpoint. A successful exploit could allow the attacker to upload files into a specific container or delete files from a specific folder within that container. This vulnerability only affects a specific REST API endpoint and does not affect the web-based management interface." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en un endpoint de API REST espec\u00edfico de Cisco NDFC podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios cargue o elimine archivos en un dispositivo afectado. Esta vulnerabilidad existe debido a la falta de controles de autorizaci\u00f3n en el endpoint de API REST afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de API manipuladas al endpoint afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante cargue archivos en un contenedor espec\u00edfico o elimine archivos de una carpeta espec\u00edfica dentro de ese contenedor. Esta vulnerabilidad solo afecta a un endpoint de API REST espec\u00edfico y no afecta a la interfaz de administraci\u00f3n basada en web." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20490.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20490.json index 6181f1be93d..3303f5c1aa7 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20490.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20490.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20490", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.350", - "lastModified": "2024-10-02T17:15:17.350", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information.\r\n\r\nThis vulnerability exists because HTTP proxy credentials could be recorded in an internal log that is stored in the tech support file. An attacker could exploit this vulnerability by accessing a tech support file that is generated from an affected system. A successful exploit could allow the attacker to view HTTP proxy server admin credentials in clear text that are configured on Nexus Dashboard to reach an external network.\r\nNote: Best practice is to store debug logs and tech support files safely and to share them only with trusted parties because they may contain sensitive information." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en una funci\u00f3n de registro de Cisco Nexus Dashboard Fabric Controller (NDFC) y Cisco Nexus Dashboard Orchestrator (NDO) podr\u00eda permitir que un atacante con acceso a un archivo de soporte t\u00e9cnico vea informaci\u00f3n confidencial. Esta vulnerabilidad existe porque las credenciales de proxy HTTP se pueden registrar en un registro interno que se almacena en el archivo de soporte t\u00e9cnico. Un atacante podr\u00eda aprovechar esta vulnerabilidad al acceder a un archivo de soporte t\u00e9cnico que se genera desde un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante vea las credenciales de administrador del servidor proxy HTTP en texto plano que est\u00e1n configuradas en Nexus Dashboard para llegar a una red externa. Nota: La mejor pr\u00e1ctica es almacenar los registros de depuraci\u00f3n y los archivos de soporte t\u00e9cnico de forma segura y compartirlos solo con partes de confianza porque pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20491.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20491.json index 11c38304eed..1772a9a37c7 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20491.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20491.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20491", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.563", - "lastModified": "2024-10-02T17:15:17.563", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information.\r\n\r\nThis vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file. An attacker could exploit this vulnerability by accessing a tech support file that is generated from an affected system. A successful exploit could allow the attacker to view remote controller admin credentials in clear text.\r\nNote: Best practice is to store debug logs and tech support files safely and to share them only with trusted parties because they may contain sensitive information." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en una funci\u00f3n de registro de Cisco Nexus Dashboard Insights podr\u00eda permitir que un atacante con acceso a un archivo de soporte t\u00e9cnico vea informaci\u00f3n confidencial. Esta vulnerabilidad existe porque las credenciales del controlador remoto se registran en un registro interno que se almacena en el archivo de soporte t\u00e9cnico. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a un archivo de soporte t\u00e9cnico que se genera desde un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante vea las credenciales de administrador del controlador remoto en texto plano. Nota: La pr\u00e1ctica recomendada es almacenar los registros de depuraci\u00f3n y los archivos de soporte t\u00e9cnico de forma segura y compartirlos solo con partes de confianza porque pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20492.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20492.json index 67c1c21ee79..3defbf3f6e0 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20492.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20492.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20492", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.763", - "lastModified": "2024-10-02T17:15:17.763", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device.\r\nNote: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el shell restringido de Cisco Expressway Series podr\u00eda permitir que un atacante local autenticado realice ataques de inyecci\u00f3n de comandos en el sistema operativo subyacente y eleve los privilegios a superusuario. Para explotar esta vulnerabilidad, el atacante debe tener credenciales de nivel de administrador con privilegios de lectura y escritura en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una serie de comandos CLI manipulados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escapar del shell restringido y obtener privilegios de superusuario en el sistema operativo subyacente del dispositivo afectado. Nota: Cisco Expressway Series hace referencia a los dispositivos Cisco Expressway Control (Expressway-C) y Cisco Expressway Edge (Expressway-E)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20498.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20498.json index e89b5a58b71..699d1f94604 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20498.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20498.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20498", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:13.870", - "lastModified": "2024-10-02T19:15:13.870", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20499.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20499.json index d25cd931561..70656e2b9a9 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20499.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20499.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20499", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:14.143", - "lastModified": "2024-10-02T19:15:14.143", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20500.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20500.json index 1738162b35c..08c06785c34 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20500.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20500.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20500", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:14.350", - "lastModified": "2024-10-02T19:15:14.350", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos al establecer sesiones TLS/SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de mensajes TLS/SSL manipulados al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impedir\u00eda que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20501.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20501.json index b383df3df77..73b955f47c1 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20501.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20501.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20501", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:14.570", - "lastModified": "2024-10-02T19:15:14.570", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20502.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20502.json index cbf018d08a1..dcce486bd2b 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20502.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20502.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20502", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:14.780", - "lastModified": "2024-10-02T19:15:14.780", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos al establecer sesiones VPN SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de solicitudes HTTPS manipuladas al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impedir\u00eda que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20509.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20509.json index 458def638ad..b2ec01f1e36 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20509.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20509.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20509", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:14.997", - "lastModified": "2024-10-02T19:15:14.997", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.\r\n\r\nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado secuestre una sesi\u00f3n VPN de AnyConnect o provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) para usuarios individuales del servicio VPN de AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entrop\u00eda d\u00e9bil para los controladores que se utilizan durante el proceso de autenticaci\u00f3n de VPN, as\u00ed como a una condici\u00f3n de ejecuci\u00f3n que existe en el mismo proceso. Un atacante podr\u00eda aprovechar esta vulnerabilidad adivinando correctamente un controlador de autenticaci\u00f3n y luego enviando solicitudes HTTPS manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante tomar el control de la sesi\u00f3n VPN de AnyConnect de un usuario objetivo o evitar que el usuario objetivo establezca una sesi\u00f3n VPN de AnyConnect con el dispositivo afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20513.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20513.json index 9e907337ffd..3da993d8d1c 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20513.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20513.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20513", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T19:15:15.210", - "lastModified": "2024-10-02T19:15:15.210", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) para usuarios espec\u00edficos del servicio AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entrop\u00eda insuficiente para los controladores que se utilizan durante el establecimiento de una sesi\u00f3n VPN SSL. Un atacante no autenticado podr\u00eda explotar esta vulnerabilidad mediante la fuerza bruta de controladores de sesi\u00f3n v\u00e1lidos. Un atacante autenticado podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose al servicio VPN AnyConnect de un dispositivo afectado para recuperar un controlador de sesi\u00f3n v\u00e1lido y, en funci\u00f3n de ese controlador, predecir otros controladores de sesi\u00f3n v\u00e1lidos. A continuaci\u00f3n, el atacante enviar\u00eda una solicitud HTTPS manipulada mediante el controlador de sesi\u00f3n forzado o previsto al servidor VPN AnyConnect del dispositivo. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante finalizar sesiones VPN SSL espec\u00edficas, lo que obligar\u00eda a los usuarios remotos a iniciar nuevas conexiones VPN y volver a autenticarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20515.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20515.json index 50dfcc8bfa3..f44e701a5bd 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20515.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20515.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20515", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:17.973", - "lastModified": "2024-10-02T17:15:17.973", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.\r\n\r\nThis vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings. An attacker with Read-Only Administrator privileges could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to view device credentials that are normally not visible to Read-Only Administrators." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante remoto autenticado obtenga informaci\u00f3n confidencial de un dispositivo afectado. Esta vulnerabilidad se debe a la falta de mecanismos de protecci\u00f3n de datos adecuados para determinadas opciones de configuraci\u00f3n. Un atacante con privilegios de administrador de solo lectura podr\u00eda aprovechar esta vulnerabilidad navegando a una p\u00e1gina que contenga datos confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver las credenciales del dispositivo que normalmente no son visibles para los administradores de solo lectura." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20516.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20516.json index ee8be54e21a..d48daeb52f7 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20516.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20516.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20516", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:18.200", - "lastModified": "2024-10-02T17:15:18.200", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20517.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20517.json index 410fd7aef8b..1cada718471 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20517.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20517.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20517", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:18.417", - "lastModified": "2024-10-02T17:15:18.417", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20518.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20518.json index 8860b0846f3..f8f3bea2898 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20518.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20518.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20518", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:18.637", - "lastModified": "2024-10-02T17:15:18.637", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20519.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20519.json index 798996ade19..decbae686c1 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20519.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20519.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20519", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:18.837", - "lastModified": "2024-10-02T17:15:18.837", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20520.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20520.json index 9b4f762f4ab..f20e8201eff 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20520.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20520.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20520", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:19.050", - "lastModified": "2024-10-02T17:15:19.050", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20521.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20521.json index 52cd84c4a58..4cf8b926363 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20521.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20521.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20521", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:19.280", - "lastModified": "2024-10-02T17:15:19.280", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20522.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20522.json index 748a4f3676e..50be4c674a4 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20522.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20522.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20522", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:19.490", - "lastModified": "2024-10-02T17:15:19.490", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20523.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20523.json index 973b66f3e66..97684b8d4d4 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20523.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20523.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20523", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:19.707", - "lastModified": "2024-10-02T17:15:19.707", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20524.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20524.json index 833334f3754..4c523f13cf9 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20524.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20524.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20524", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-02T17:15:19.930", - "lastModified": "2024-10-02T17:15:19.930", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n \r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-214xx/CVE-2024-21489.json b/CVE-2024/CVE-2024-214xx/CVE-2024-21489.json index 40b7418895e..80f18f7c3bf 100644 --- a/CVE-2024/CVE-2024-214xx/CVE-2024-21489.json +++ b/CVE-2024/CVE-2024-214xx/CVE-2024-21489.json @@ -2,13 +2,17 @@ "id": "CVE-2024-21489", "sourceIdentifier": "report@snyk.io", "published": "2024-10-01T05:15:12.227", - "lastModified": "2024-10-01T05:15:12.227", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Versions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assign function due to missing check if the attribute resolves to the object prototype." + }, + { + "lang": "es", + "value": "Las versiones del paquete uplot anteriores a 1.6.31 son vulnerables a la contaminaci\u00f3n de prototipos a trav\u00e9s de la funci\u00f3n uplot.assign debido a la falta de verificaci\u00f3n de si el atributo se resuelve en el prototipo del objeto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21530.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21530.json index 2a692c8e673..11c3ddefbe2 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21530.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21530.json @@ -2,13 +2,17 @@ "id": "CVE-2024-21530", "sourceIdentifier": "report@snyk.io", "published": "2024-10-02T05:15:11.300", - "lastModified": "2024-10-02T05:15:11.300", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the same ciphertext by creating a new encrypted message with the same cocoon object.\r\r**Note:**\rThe issue does NOT affect objects created with Cocoon::new which utilizes ThreadRng." + }, + { + "lang": "es", + "value": "Las versiones del paquete cocoon anteriores a la 0.4.0 son vulnerables a la reutilizaci\u00f3n de un par de claves nonce en el cifrado cuando se invocan secuencialmente las funciones de cifrado, envoltura y volcado. Un atacante puede generar el mismo texto cifrado creando un nuevo mensaje cifrado con el mismo objeto cocoon. **Nota:** El problema NO afecta a los objetos creados con Cocoon::new, que utiliza ThreadRng." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21531.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21531.json index df6d6b10f6f..27ac41f5f4f 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21531.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21531.json @@ -2,13 +2,17 @@ "id": "CVE-2024-21531", "sourceIdentifier": "report@snyk.io", "published": "2024-10-01T05:15:12.440", - "lastModified": "2024-10-01T05:15:12.440", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "All versions of the package git-shallow-clone are vulnerable to Command injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function." + }, + { + "lang": "es", + "value": "Todas las versiones del paquete git-shallow-clone son vulnerables a la inyecci\u00f3n de comandos debido a la falta de indicadores de saneamiento o mitigaci\u00f3n en la variable de proceso de la funci\u00f3n gitShallowClone." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24116.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24116.json index 88030940056..52c8091c6cf 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24116.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24116.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24116", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T19:15:15.463", - "lastModified": "2024-10-02T19:15:15.463", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm." + }, + { + "lang": "es", + "value": "Un problema en Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) permite que un atacante remoto obtenga privilegios a trav\u00e9s de system/config_menu.htm." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24117.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24117.json index 72f216f795a..5c98c6ebf4a 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24117.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24117.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24117", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T21:15:13.300", - "lastModified": "2024-10-02T21:15:13.300", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de permisos inseguros en Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) permite a un atacante remoto obtener privilegios a trav\u00e9s del componente de verificaci\u00f3n de estado de inicio de sesi\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24122.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24122.json index 6f8e3109659..d9815866cc5 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24122.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24122.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24122", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T18:15:04.957", - "lastModified": "2024-10-02T18:15:04.957", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project file into the system startup folder, restart the system, and automatically execute the constructed attack script." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en la gesti\u00f3n de proyectos del proyecto Yitu de Wanxing Technology que permite a un atacante utilizar el archivo exp.adpx como un archivo comprimido zip para construir un nombre de archivo especial, que puede usarse para descomprimir el archivo del proyecto en la carpeta de inicio del sistema, reiniciar el sistema y ejecutar autom\u00e1ticamente el script de ataque construido." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-255xx/CVE-2024-25590.json b/CVE-2024/CVE-2024-255xx/CVE-2024-25590.json index b9c03dca2c1..8f78563dae1 100644 --- a/CVE-2024/CVE-2024-255xx/CVE-2024-25590.json +++ b/CVE-2024/CVE-2024-255xx/CVE-2024-25590.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25590", "sourceIdentifier": "security@open-xchange.com", "published": "2024-10-03T16:15:04.643", - "lastModified": "2024-10-03T16:15:04.643", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can publish a zone containing specific Resource Record Sets.\n\n Repeatedly processing and caching results for these sets can lead to a \n\ndenial of service." + }, + { + "lang": "es", + "value": "Un atacante puede publicar una zona que contenga conjuntos de registros de recursos espec\u00edficos. El procesamiento y almacenamiento en cach\u00e9 repetidos de los resultados de estos conjuntos puede provocar una denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25632.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25632.json index b840a3bdd0f..6292cec01a6 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25632.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25632.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25632", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T15:15:07.383", - "lastModified": "2024-10-01T15:15:07.383", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A user may be an administrator in one team and a regular user in another. The vulnerability allows a regular user to become administrator of a team where they are a member, under a reasonable configuration. Additionally, in eLabFTW versions subsequent to v5.0.0, the vulnerability may allow an initially unauthenticated user to gain administrative privileges over an arbitrary team. The vulnerability does not affect system administrator status. Users should upgrade to version 5.1.0. System administrators are advised to turn off local user registration, saml_team_create and not allow administrators to import users into teams, unless strictly required." + }, + { + "lang": "es", + "value": "eLabFTW es un cuaderno de laboratorio electr\u00f3nico de c\u00f3digo abierto para laboratorios de investigaci\u00f3n. En el contexto de eLabFTW, un administrador es una cuenta de usuario con ciertos privilegios para administrar usuarios y contenido en su equipo o equipos asignados. Un usuario puede ser administrador en un equipo y usuario regular en otro. La vulnerabilidad permite que un usuario regular se convierta en administrador de un equipo del que es miembro, bajo una configuraci\u00f3n razonable. Adem\u00e1s, en versiones de eLabFTW posteriores a la v5.0.0, la vulnerabilidad puede permitir que un usuario inicialmente no autenticado obtenga privilegios administrativos sobre un equipo arbitrario. La vulnerabilidad no afecta el estado de administrador del sistema. Los usuarios deben actualizar a la versi\u00f3n 5.1.0. Se recomienda a los administradores del sistema que desactiven el registro de usuarios locales, saml_team_create y no permitan que los administradores importen usuarios a los equipos, a menos que sea estrictamente necesario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25658.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25658.json index d2afb987532..8c5e8c014f8 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25658.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25658.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25658", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T15:15:07.640", - "lastModified": "2024-10-01T15:15:07.640", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19.10.3 allows attackers (with access to the database or exported configuration files) to obtain SNMP users' usernames and passwords in cleartext." + }, + { + "lang": "es", + "value": "El almacenamiento de contrase\u00f1as en texto plano en Infinera TNMS (Transcend Network Management System) Server 19.10.3 permite a los atacantes (con acceso a la base de datos o a los archivos de configuraci\u00f3n exportados) obtener los nombres de usuario y las contrase\u00f1as de los usuarios de SNMP en texto plano." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25659.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25659.json index ce20c6dff12..8ceb6a94b77 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25659.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25659.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25659", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T16:15:09.363", - "lastModified": "2024-10-01T18:35:06.917", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory." + }, + { + "lang": "es", + "value": "En Infinera TNMS (Transcend Network Management System) 19.10.3, una configuraci\u00f3n predeterminada insegura del servidor SFTP interno en servidores Linux permite a un atacante remoto acceder a archivos y directorios fuera del directorio de inicio del usuario SFTP." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25660.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25660.json index 213253da260..38c4a2c42b0 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25660.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25660.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25660", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T16:15:09.463", - "lastModified": "2024-10-01T18:35:07.807", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges." + }, + { + "lang": "es", + "value": "El servicio WebDAV en Infinera TNMS (Transcend Network Management System) 19.10.3 permite que un atacante remoto con pocos privilegios realice operaciones de archivos no autorizadas debido a la ejecuci\u00f3n con privilegios innecesarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25661.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25661.json index 7546bb0a512..8a189464aa9 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25661.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25661.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25661", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T15:15:07.740", - "lastModified": "2024-10-01T15:35:11.597", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application." + }, + { + "lang": "es", + "value": "En Infinera TNMS (Transcend Network Management System) 19.10.3, el almacenamiento de texto plano de informaci\u00f3n confidencial en la memoria de la aplicaci\u00f3n de escritorio TNMS Client permite a los administradores del sistema operativo invitado obtener las contrase\u00f1as de varios usuarios leyendo volcados de memoria de la aplicaci\u00f3n de escritorio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28807.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28807.json index f81a7042d88..c3f551e9a5a 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28807.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28807.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28807", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T21:15:03.427", - "lastModified": "2024-09-30T21:35:02.137", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. El almacenamiento de texto plano de informaci\u00f3n confidencial en la memoria de la aplicaci\u00f3n de administraci\u00f3n de escritorio @CT permite que los administradores del sistema operativo invitado obtengan las contrase\u00f1as de varios usuarios accediendo a los volcados de memoria de la aplicaci\u00f3n de escritorio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28808.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28808.json index b54a2cab3f3..ca816b5f573 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28808.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28808.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28808", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T21:15:03.493", - "lastModified": "2024-09-30T21:15:03.493", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface allows a remote authenticated attacker to access reserved information by accessing undocumented web applications." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. Una funcionalidad oculta en la interfaz web permite que un atacante remoto autenticado acceda a informaci\u00f3n reservada mediante el acceso a aplicaciones web no documentadas. " } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28809.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28809.json index c09287185f3..13061a55ef6 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28809.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28809.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28809", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T18:15:05.633", - "lastModified": "2024-09-30T21:35:03.053", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. El almacenamiento en texto plano de contrase\u00f1as confidenciales en paquetes de actualizaci\u00f3n de firmware permite a los atacantes acceder a varios servicios del dispositivo mediante credenciales codificadas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28810.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28810.json index f1cf1304834..701cf8b62da 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28810.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28810.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28810", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T19:15:03.987", - "lastModified": "2024-09-30T21:35:03.830", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. La informaci\u00f3n confidencial dentro de los archivos de diagn\u00f3stico (exportados por la aplicaci\u00f3n @CT) permite que un atacante logre la p\u00e9rdida de confidencialidad al analizar estos archivos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28811.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28811.json index e9fdbe45ead..214f3e3ded3 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28811.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28811.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28811", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T19:15:04.060", - "lastModified": "2024-09-30T19:15:04.060", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. Una aplicaci\u00f3n web permite que un atacante remoto con privilegios ejecute aplicaciones contenidas en un directorio de SO espec\u00edfico a trav\u00e9s de invocaciones HTTP." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28812.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28812.json index 3d0c722f32d..69ba4ec45d0 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28812.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28812.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28812", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T19:15:04.130", - "lastModified": "2024-09-30T19:35:03.620", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. Un servicio SSH oculto (en la interfaz de red de administraci\u00f3n local) con credenciales codificadas permite a los atacantes acceder al sistema operativo del dispositivo (con los privilegios m\u00e1s altos) a trav\u00e9s de una conexi\u00f3n SSH." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28813.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28813.json index 03f42208ab8..d71789d9145 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28813.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28813.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28813", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T19:15:04.210", - "lastModified": "2024-09-30T19:35:04.427", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Infinera hiT 7300 5.60.50. Las funciones privilegiadas no documentadas en la aplicaci\u00f3n de administraci\u00f3n @CT permiten que un atacante active el acceso SSH remoto al dispositivo a trav\u00e9s de una interfaz de red inesperada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28888.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28888.json index 1a13d1c8c33..c86ead3890e 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28888.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28888.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28888", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-02T21:15:13.430", - "lastModified": "2024-10-03T16:15:04.900", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30132.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30132.json index 82afb5692cf..6201673ed14 100644 --- a/CVE-2024/CVE-2024-301xx/CVE-2024-30132.json +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30132.json @@ -2,13 +2,17 @@ "id": "CVE-2024-30132", "sourceIdentifier": "psirt@hcl.com", "published": "2024-10-01T12:15:03.687", - "lastModified": "2024-10-01T12:15:03.687", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors." + }, + { + "lang": "es", + "value": "El servidor HCL Nomad en Domino no configur\u00f3 ciertos encabezados de seguridad HTTP de forma predeterminada, lo que podr\u00eda permitir que un atacante obtenga informaci\u00f3n confidencial a trav\u00e9s de vectores no especificados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json b/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json index c373e02b15b..a2faef11925 100644 --- a/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json +++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3056", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-02T21:16:30.950", - "lastModified": "2024-09-23T17:19:10.877", + "lastModified": "2024-10-04T12:31:32.350", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -22,20 +22,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", - "attackComplexity": "LOW", + "attackComplexity": "HIGH", "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 7.7, - "baseSeverity": "HIGH" + "baseScore": 4.8, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 3.1, - "impactScore": 4.0 + "exploitabilityScore": 1.2, + "impactScore": 3.6 }, { "source": "secalert@redhat.com", diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31835.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31835.json index 3db01ab0d87..48dd69c7699 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31835.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31835.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31835", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T19:15:07.493", - "lastModified": "2024-10-01T19:15:07.493", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en Flatpress CMS Flatpress v1.3 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro de nombre de archivo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-332xx/CVE-2024-33209.json b/CVE-2024/CVE-2024-332xx/CVE-2024-33209.json index 065c4800496..30011260e16 100644 --- a/CVE-2024/CVE-2024-332xx/CVE-2024-33209.json +++ b/CVE-2024/CVE-2024-332xx/CVE-2024-33209.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33209", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T16:15:10.300", - "lastModified": "2024-10-02T16:15:10.300", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the \"Add New Entry\" section, which allows them to execute arbitrary code in the context of a victim's web browser." + }, + { + "lang": "es", + "value": "FlatPress v1.3 es vulnerable a Cross Site Scripting (XSS). Un atacante puede inyectar c\u00f3digo JavaScript malicioso en la secci\u00f3n \"Agregar nueva entrada\", lo que le permite ejecutar c\u00f3digo arbitrario en el contexto del navegador web de la v\u00edctima." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-332xx/CVE-2024-33210.json b/CVE-2024/CVE-2024-332xx/CVE-2024-33210.json index 659dad82f89..9ae7731a1b7 100644 --- a/CVE-2024/CVE-2024-332xx/CVE-2024-33210.json +++ b/CVE-2024/CVE-2024-332xx/CVE-2024-33210.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33210", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T16:15:10.383", - "lastModified": "2024-10-02T16:35:30.553", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad de Cross-Site Scripting (XSS) en Flatpress 1.3. Esta vulnerabilidad permite a un atacante inyectar secuencias de comandos maliciosas en p\u00e1ginas web visitadas por otros usuarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-336xx/CVE-2024-33662.json b/CVE-2024/CVE-2024-336xx/CVE-2024-33662.json index fe1a91bfbdc..892cac5f6f7 100644 --- a/CVE-2024/CVE-2024-336xx/CVE-2024-33662.json +++ b/CVE-2024/CVE-2024-336xx/CVE-2024-33662.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33662", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T05:15:11.643", - "lastModified": "2024-10-02T05:15:11.643", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function." + }, + { + "lang": "es", + "value": "Portainer anterior a 2.20.2 utiliza incorrectamente un algoritmo de cifrado en la funci\u00f3n AesEncrypt." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-345xx/CVE-2024-34535.json b/CVE-2024/CVE-2024-345xx/CVE-2024-34535.json index 75a7da46ff4..d73b12c550a 100644 --- a/CVE-2024/CVE-2024-345xx/CVE-2024-34535.json +++ b/CVE-2024/CVE-2024-345xx/CVE-2024-34535.json @@ -2,13 +2,17 @@ "id": "CVE-2024-34535", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T18:15:04.693", - "lastModified": "2024-10-03T18:15:04.693", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Mastodon 4.1.6, API endpoint rate limiting can be bypassed by setting a crafted HTTP request header." + }, + { + "lang": "es", + "value": "En Mastodon 4.1.6, la limitaci\u00f3n de velocidad del endpoint de la API se puede evitar configurando un encabezado de solicitud HTTP manipulado espec\u00edficamente." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35293.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35293.json index c3f5c9fefff..abffc139c20 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35293.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35293.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35293", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-02T10:15:03.160", - "lastModified": "2024-10-02T10:15:03.160", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede usar una vulnerabilidad de autenticaci\u00f3n faltante para una funci\u00f3n cr\u00edtica para reiniciar o borrar los dispositivos afectados, lo que resulta en p\u00e9rdida de datos y/o un DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35294.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35294.json index dceb6396d73..c49524d2520 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35294.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35294.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35294", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-02T11:15:10.780", - "lastModified": "2024-10-02T11:15:10.780", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede utilizar la captura de tr\u00e1fico de dispositivos sin autenticaci\u00f3n para obtener credenciales administrativas en texto plano." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-354xx/CVE-2024-35495.json b/CVE-2024/CVE-2024-354xx/CVE-2024-35495.json index b612f4f8a8b..3cfc8b85937 100644 --- a/CVE-2024/CVE-2024-354xx/CVE-2024-35495.json +++ b/CVE-2024/CVE-2024-354xx/CVE-2024-35495.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35495", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T18:15:05.713", - "lastModified": "2024-09-30T18:15:05.713", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el componente Telemetr\u00eda en TP-Link Kasa KP125M V1.0.0 y Tapo P125M 1.0.0 Build 220930 Rel.143947 permite a los atacantes observar el estado del dispositivo mediante la observaci\u00f3n del tr\u00e1fico de la red." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36474.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36474.json index 368e3211017..13b268b4451 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36474.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36474.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36474", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-03T16:15:05.010", - "lastModified": "2024-10-03T16:15:05.010", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de desbordamiento de n\u00fameros enteros en el analizador de formato de archivo binario de documento compuesto de GNOME Project G Structured File Library (libgsf), versi\u00f3n v1.14.52. Un archivo especialmente manipulado puede provocar un desbordamiento de n\u00fameros enteros al procesar el directorio desde el archivo que permite que se utilice un \u00edndice fuera de los l\u00edmites al leer y escribir en una matriz. Esto puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39755.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39755.json index cab70123e5b..3d231a4691a 100644 --- a/CVE-2024/CVE-2024-397xx/CVE-2024-39755.json +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39755.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39755", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-03T16:15:05.230", - "lastModified": "2024-10-03T16:15:05.230", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A privilege escalation vulnerability exists in the Veertu Anka Build 1.42.0. The vulnerability occurs during Anka node agent update. A low privilege user can trigger the update action which can result in unexpected elevation of privilege." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de escalada de privilegios en Veertu Anka Build 1.42.0. La vulnerabilidad ocurre durante la actualizaci\u00f3n del agente del nodo Anka. Un usuario con pocos privilegios puede activar la acci\u00f3n de actualizaci\u00f3n, lo que puede provocar una elevaci\u00f3n inesperada de privilegios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json b/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json index 38365e2a8a5..dcf9d745ad0 100644 --- a/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json +++ b/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3944", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:26.403", - "lastModified": "2024-08-29T13:25:27.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T13:19:51.383", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:delower:wp_to_do:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.3.0", + "matchCriteriaId": "48CF09FC-8FBD-4B6D-97E0-91F39CD1B51F" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L225", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b36b9b8a-41b0-4b57-92c7-5acebe2b0bae?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-411xx/CVE-2024-41163.json b/CVE-2024/CVE-2024-411xx/CVE-2024-41163.json index 5f58d47a26f..5d7cc12fb87 100644 --- a/CVE-2024/CVE-2024-411xx/CVE-2024-41163.json +++ b/CVE-2024/CVE-2024-411xx/CVE-2024-41163.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41163", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-03T16:15:05.427", - "lastModified": "2024-10-03T16:15:05.427", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de navegaci\u00f3n de directorios en la funci\u00f3n de descarga de archivos de Veertu Anka Build 1.42.0. Una solicitud HTTP especialmente manipulada puede dar lugar a la divulgaci\u00f3n de archivos arbitrarios. Un atacante puede realizar una solicitud HTTP no autenticada para aprovechar esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-412xx/CVE-2024-41276.json b/CVE-2024/CVE-2024-412xx/CVE-2024-41276.json index a16cd5390c2..ea1f33dd4ee 100644 --- a/CVE-2024/CVE-2024-412xx/CVE-2024-41276.json +++ b/CVE-2024/CVE-2024-412xx/CVE-2024-41276.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41276", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.477", - "lastModified": "2024-10-01T15:35:13.190", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la versi\u00f3n 57.131.12 y anteriores de Kaiten permite a los atacantes eludir el mecanismo de autenticaci\u00f3n del c\u00f3digo PIN. La aplicaci\u00f3n requiere que los usuarios ingresen un c\u00f3digo PIN de 6 d\u00edgitos que se env\u00eda a su correo electr\u00f3nico para la autorizaci\u00f3n despu\u00e9s de ingresar sus credenciales de inicio de sesi\u00f3n. Sin embargo, el mecanismo de limitaci\u00f3n de solicitudes se puede eludir f\u00e1cilmente, lo que permite a los atacantes realizar un ataque de fuerza bruta para adivinar el PIN correcto y obtener acceso no autorizado a la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-412xx/CVE-2024-41290.json b/CVE-2024/CVE-2024-412xx/CVE-2024-41290.json index 9027bfab030..416dc44e5d4 100644 --- a/CVE-2024/CVE-2024-412xx/CVE-2024-41290.json +++ b/CVE-2024/CVE-2024-412xx/CVE-2024-41290.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41290", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T17:15:20.217", - "lastModified": "2024-10-02T19:35:05.817", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que FlatPress CMS v1.3.1 1.3 utiliza m\u00e9todos inseguros para almacenar datos de autenticaci\u00f3n a trav\u00e9s del componente de cookies." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41583.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41583.json index b22e749f252..68dd4da30d8 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41583.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41583.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41583", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.053", - "lastModified": "2024-10-03T19:35:13.010", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due to poor sanitization of the router name." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 son vulnerables a Cross Site Scripting (XSS) Almacenado por usuarios autenticados debido a una mala desinfecci\u00f3n del nombre del enrutador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41584.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41584.json index 3439cc7f864..823156874f3 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41584.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41584.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41584", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.140", - "lastModified": "2024-10-03T19:35:13.793", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 son vulnerables a XSS reflejado por usuarios autenticados, causado por la falta de validaci\u00f3n del par\u00e1metro sFormAuthStr." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41585.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41585.json index 754b4d0cfa9..8a2867f8d7e 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41585.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41585.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41585", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.197", - "lastModified": "2024-10-03T19:15:04.197", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor3910 hasta la versi\u00f3n 4.3.2.6 est\u00e1n afectados por una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo que permite a un atacante aprovechar el binario recvCmd para escapar de la instancia emulada e inyectar comandos arbitrarios en la m\u00e1quina host." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41586.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41586.json index b174c9b421e..f04e28a1b1d 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41586.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41586.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41586", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.253", - "lastModified": "2024-10-03T21:35:26.963", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de desbordamiento de b\u00fafer basada en pila en los dispositivos DrayTek Vigor310 hasta la versi\u00f3n 4.3.2.6 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena de consulta larga al componente cgi-bin/ipfedr.cgi." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41587.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41587.json index 5aa22f77675..6c829da7b9f 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41587.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41587.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41587", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.310", - "lastModified": "2024-10-03T19:15:04.310", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6." + }, + { + "lang": "es", + "value": "El XSS almacenado, por parte de usuarios autenticados, es causado por una mala desinfecci\u00f3n del mensaje de saludo de la p\u00e1gina de inicio de sesi\u00f3n en los dispositivos DrayTek Vigor310 hasta 4.3.2.6." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json index edb070420ed..79687c92567 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41588", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.363", - "lastModified": "2024-10-03T19:15:04.363", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function." + }, + { + "lang": "es", + "value": "Los endpoints CGI v2x00.cgi y cgiwcg.cgi de los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 son vulnerables a desbordamientos de b\u00fafer, por parte de usuarios autenticados, debido a la falta de verificaci\u00f3n de los l\u00edmites en los par\u00e1metros pasados a trav\u00e9s de solicitudes POST a la funci\u00f3n strncpy." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41589.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41589.json index 8936c617cbf..e1a2088d154 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41589.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41589.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41589", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.423", - "lastModified": "2024-10-03T21:35:28.537", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor310 hasta la versi\u00f3n 4.3.2.6 utilizan HTTP sin cifrar para solicitudes de autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json index 84a9a454306..6cf9a0d1363 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41590", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.487", - "lastModified": "2024-10-03T19:15:04.487", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6." + }, + { + "lang": "es", + "value": "Varios endpoints de CGI son vulnerables a desbordamientos de b\u00fafer, por parte de usuarios autenticados, debido a la falta de verificaci\u00f3n de los l\u00edmites en los par\u00e1metros pasados a trav\u00e9s de solicitudes POST a la funci\u00f3n strcpy en dispositivos DrayTek Vigor310 hasta 4.3.2.6." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41591.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41591.json index d9d5ea4ac5f..715c56b09bb 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41591.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41591.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41591", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.560", - "lastModified": "2024-10-03T19:15:04.560", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 permiten XSS reflejado basado en DOM no autenticado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41592.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41592.json index 8aa0cff98e1..981a9a87a99 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41592.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41592.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41592", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.633", - "lastModified": "2024-10-03T19:35:14.553", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 tienen un desbordamiento basado en pila al procesar par\u00e1metros de cadena de consulta porque GetCGI maneja incorrectamente los caracteres ampersand extra\u00f1os y los pares clave-valor largos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41593.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41593.json index 34b7c16cc94..b9954260c94 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41593.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41593.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41593", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.740", - "lastModified": "2024-10-03T19:15:04.740", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor310 hasta 4.3.2.6 permiten a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n ft_payload_dns(), porque se produce una operaci\u00f3n de extensi\u00f3n de signo de byte para el argumento de longitud de una llamada _memcpy, lo que lleva a un desbordamiento de b\u00fafer basado en el mont\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41594.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41594.json index c86fe03fde2..95e4bdc344f 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41594.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41594.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41594", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.800", - "lastModified": "2024-10-03T19:15:04.800", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL." + }, + { + "lang": "es", + "value": "Un problema en los dispositivos DrayTek Vigor310 hasta la versi\u00f3n 4.3.2.6 permite a un atacante obtener informaci\u00f3n confidencial porque el servidor httpd de la interfaz de administraci\u00f3n de Vigor utiliza una cadena est\u00e1tica para inicializar el PRNG de OpenSSL." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41595.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41595.json index abb76507a93..d86df14ae60 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41595.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41595.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41595", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.857", - "lastModified": "2024-10-03T19:35:15.407", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations." + }, + { + "lang": "es", + "value": "Los dispositivos DrayTek Vigor310 hasta 4.3.2.6 permiten que un atacante remoto cambie configuraciones o provoque una denegaci\u00f3n de servicio a trav\u00e9s de p\u00e1ginas .cgi debido a la falta de controles de l\u00edmites en las operaciones de lectura y escritura." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json index aaa4c6bb8fe..fc532145bed 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41596", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.923", - "lastModified": "2024-10-03T19:35:16.170", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters." + }, + { + "lang": "es", + "value": "Existen vulnerabilidades de desbordamiento de b\u00fafer en los dispositivos DrayTek Vigor310 hasta la versi\u00f3n 4.3.2.6 (en la interfaz de administraci\u00f3n de Vigor) debido a la recuperaci\u00f3n y el manejo incorrectos de los par\u00e1metros del formulario CGI." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41673.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41673.json index 6eef9c9bd68..211455df425 100644 --- a/CVE-2024/CVE-2024-416xx/CVE-2024-41673.json +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41673.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41673", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T15:15:07.873", - "lastModified": "2024-10-01T15:15:07.873", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Decidim is a participatory democracy framework. The version control feature used in resources is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.27.8." + }, + { + "lang": "es", + "value": "Decidim es un framework de democracia participativa. La funci\u00f3n de control de versiones utilizada en los recursos est\u00e1 sujeta a posibles ataques XSS a trav\u00e9s de una URL mal formada. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 0.27.8." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41922.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41922.json index c42c95abe32..a8b187654db 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41922.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41922.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41922", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-03T16:15:05.640", - "lastModified": "2024-10-03T16:15:05.640", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can result in a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to trigger this vulnerability." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de directory traversal en la funcionalidad de descarga de archivos de registro de Veertu Anka Build 1.42.0. Una solicitud HTTP especialmente manipulada puede dar como resultado la divulgaci\u00f3n de archivos arbitrarios. Un atacante puede realizar una solicitud HTTP no autenticada para activar esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41925.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41925.json index 0925c9f0415..cef609b7882 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41925.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41925.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41925", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T23:15:02.970", - "lastModified": "2024-10-03T23:15:02.970", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code." + }, + { + "lang": "es", + "value": "El servicio web para ONS-S8 - Spectra Aggregation Switch incluye funciones que no validan correctamente la entrada del usuario, lo que permite a un atacante atravesar directorios, eludir la autenticaci\u00f3n y ejecutar c\u00f3digo remoto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41987.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41987.json index 7e82ee4127b..fb9cb2db954 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41987.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41987.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41987", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T18:15:04.837", - "lastModified": "2024-10-03T18:15:04.837", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site." + }, + { + "lang": "es", + "value": "La interfaz de la aplicaci\u00f3n TEM Opera Plus FM Family Transmitter permite a los usuarios realizar determinadas acciones a trav\u00e9s de solicitudes HTTP sin realizar ninguna comprobaci\u00f3n de validez para verificar las solicitudes. Esto se puede aprovechar para realizar determinadas acciones con privilegios administrativos si un usuario conectado visita un sitio web malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41988.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41988.json index e995d7e4bc8..784283335c8 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41988.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41988.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41988", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T18:15:05.030", - "lastModified": "2024-10-03T18:15:05.030", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTTP2 web server module but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code." + }, + { + "lang": "es", + "value": "TEM Opera Plus FM Family Transmitter permite el acceso a un endpoint desprotegido que permite la carga de im\u00e1genes binarias del sistema de archivos MPFS sin autenticaci\u00f3n. Este sistema de archivos sirve como base para el m\u00f3dulo de servidor web HTTP2, pero tambi\u00e9n lo utiliza el m\u00f3dulo SNMP y est\u00e1 disponible para otras aplicaciones que requieren capacidades b\u00e1sicas de almacenamiento de solo lectura. Esto se puede aprovechar para sobrescribir la memoria flash del programa que contiene las interfaces principales del servidor web y ejecutar c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42017.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42017.json index 9724f37aabc..4d2f3b1b709 100644 --- a/CVE-2024/CVE-2024-420xx/CVE-2024-42017.json +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42017.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42017", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T18:15:05.827", - "lastModified": "2024-09-30T18:15:05.827", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint hosting the application, without any authentication." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Atos Eviden iCare 2.7.1 a 2.7.11. La aplicaci\u00f3n expone una interfaz web localmente. En el peor de los casos, si la aplicaci\u00f3n es accesible de forma remota, permite que un atacante ejecute comandos arbitrarios con privilegios del sistema en el endpoint que aloja la aplicaci\u00f3n, sin ninguna autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42415.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42415.json index 63380f06434..86a2bcdd3ad 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42415.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42415", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-10-03T16:15:05.867", - "lastModified": "2024-10-03T16:15:05.867", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de desbordamiento de enteros en el analizador de formato de archivo binario de documento compuesto de la versi\u00f3n v1.14.52 de GNOME Project G Structured File Library (libgsf). Un archivo especialmente manipulado puede provocar un desbordamiento de enteros que permita un desbordamiento de b\u00fafer basado en el mont\u00f3n al procesar la tabla de asignaci\u00f3n de sectores. Esto puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42417.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42417.json index 7c47c77f1af..aba3c63d186 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42417.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42417.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42417", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T23:15:03.230", - "lastModified": "2024-10-03T23:15:03.230", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product." + }, + { + "lang": "es", + "value": "Delta Electronics DIAEnergie es vulnerable a una inyecci\u00f3n SQL en el script Handler_CFG.ashx. Un atacante autenticado podr\u00eda aprovechar este problema para provocar un retraso en el producto en cuesti\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42504.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42504.json index 6a00a93b056..1fc38b261fa 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42504.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42504.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42504", "sourceIdentifier": "security-alert@hpe.com", "published": "2024-10-03T07:15:30.793", - "lastModified": "2024-10-03T07:15:30.793", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a Cross-Site Request Forgery (CSRF) in the login flow." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de seguridad en los productos HPE IceWall Agent podr\u00eda explotarse de forma remota para provocar un Cross-Site Request Forgery (CSRF) en el flujo de inicio de sesi\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42514.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42514.json index 9e4d7b1ab32..0ce90f2152c 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42514.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42514.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42514", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T19:15:07.883", - "lastModified": "2024-10-03T16:15:06.093", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-436xx/CVE-2024-43699.json b/CVE-2024/CVE-2024-436xx/CVE-2024-43699.json index 3030bde2a54..173a58fb4f7 100644 --- a/CVE-2024/CVE-2024-436xx/CVE-2024-43699.json +++ b/CVE-2024/CVE-2024-436xx/CVE-2024-43699.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43699", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T23:15:03.490", - "lastModified": "2024-10-03T23:15:03.490", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the targeted product." + }, + { + "lang": "es", + "value": "Delta Electronics DIAEnergie es vulnerable a una inyecci\u00f3n SQL en el script AM_RegReport.aspx. Un atacante no autenticado podr\u00eda aprovechar este problema para obtener registros contenidos en el producto en cuesti\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43795.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43795.json index 431e4881780..2bf872b4a0c 100644 --- a/CVE-2024/CVE-2024-437xx/CVE-2024-43795.json +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43795.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43795", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T20:15:10.927", - "lastModified": "2024-10-02T20:15:10.927", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 5.19.0. Note: This CVE only affects Open Source Edition, and not OpenC3 COSMOS Enterprise Edition." + }, + { + "lang": "es", + "value": "OpenC3 COSMOS proporciona la funcionalidad necesaria para enviar comandos a uno o m\u00e1s sistemas integrados y recibir datos de ellos. La funcionalidad de inicio de sesi\u00f3n contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado. Esta vulnerabilidad se ha corregido en la versi\u00f3n 5.19.0. Nota: esta vulnerabilidad de vulnerabilidad de ejecuci\u00f3n de comandos solo afecta a Open Source Edition, no a OpenC3 COSMOS Enterprise Edition." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json b/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json index 2a0caf78aaf..e98d308c52c 100644 --- a/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json +++ b/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43986", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-29T11:15:26.853", - "lastModified": "2024-08-29T13:25:27.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T13:22:56.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mage-people:ecab_taxi_booking_manager:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.0", + "matchCriteriaId": "0D46DA69-B452-4EE9-BE2A-DEA52A87BC2E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/ecab-taxi-booking-manager/wordpress-e-cab-taxi-booking-manager-plugin-1-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44017.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44017.json index d6c5dd0d4c6..ad8d689bcb4 100644 --- a/CVE-2024/CVE-2024-440xx/CVE-2024-44017.json +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44017.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44017", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-02T10:15:04.113", - "lastModified": "2024-10-02T10:15:04.113", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MinHyeong Lim MH Board allows PHP Local File Inclusion.This issue affects MH Board: from n/a through 1.3.2.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de limitaci\u00f3n incorrecta de una ruta a un directorio restringido ('Path Traversal') en MinHyeong Lim MH Board permite la inclusi\u00f3n de archivos locales en PHP. Este problema afecta a MH Board: desde n/a hasta 1.3.2.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json index 2d0f0cbb1b0..0a597c4c0ca 100644 --- a/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44030", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-02T10:15:04.340", - "lastModified": "2024-10-02T10:15:04.340", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 8.6." + }, + { + "lang": "es", + "value": "Vulnerabilidad de limitaci\u00f3n incorrecta de una ruta a un directorio restringido ('Path Traversal') en Mestres do WP Checkout Mestres WP. Este problema afecta a Checkout Mestres WP: desde n/a hasta 8.6." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44097.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44097.json index 8e6cf54bcf5..093b159d3cc 100644 --- a/CVE-2024/CVE-2024-440xx/CVE-2024-44097.json +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44097.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44097", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-02T14:15:05.670", - "lastModified": "2024-10-02T17:35:15.257", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "According to the researcher: \"The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to intercept the connection and read the data. The attacker could the either send the client a malicious response, or forward the (possibly modified) data to the real server.\"" + }, + { + "lang": "es", + "value": "Seg\u00fan el investigador: \"Las conexiones TLS est\u00e1n cifradas para evitar manipulaciones o escuchas no autorizadas. Sin embargo, la aplicaci\u00f3n no valida correctamente el certificado del servidor al inicializar la conexi\u00f3n TLS. Esto permite que un atacante de la red intercepte la conexi\u00f3n y lea los datos. El atacante podr\u00eda enviar al cliente una respuesta maliciosa o reenviar los datos (posiblemente modificados) al servidor real\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json index 1f4a059353c..1de5dd062e1 100644 --- a/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json +++ b/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44193", "sourceIdentifier": "product-security@apple.com", "published": "2024-10-02T15:15:14.920", - "lastModified": "2024-10-03T20:35:16.860", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-442xx/CVE-2024-44204.json b/CVE-2024/CVE-2024-442xx/CVE-2024-44204.json index 930958af6d4..163f16b0131 100644 --- a/CVE-2024/CVE-2024-442xx/CVE-2024-44204.json +++ b/CVE-2024/CVE-2024-442xx/CVE-2024-44204.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44204", "sourceIdentifier": "product-security@apple.com", "published": "2024-10-04T00:15:02.467", - "lastModified": "2024-10-04T00:15:02.467", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver." + }, + { + "lang": "es", + "value": "Se solucion\u00f3 un problema de l\u00f3gica mejorando la validaci\u00f3n. Este problema se solucion\u00f3 en iOS 18.0.1 y iPadOS 18.0.1. VoiceOver puede leer en voz alta las contrase\u00f1as guardadas de un usuario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-442xx/CVE-2024-44207.json b/CVE-2024/CVE-2024-442xx/CVE-2024-44207.json index 9987c435a7a..c5c2e6404a7 100644 --- a/CVE-2024/CVE-2024-442xx/CVE-2024-44207.json +++ b/CVE-2024/CVE-2024-442xx/CVE-2024-44207.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44207", "sourceIdentifier": "product-security@apple.com", "published": "2024-10-04T00:15:02.637", - "lastModified": "2024-10-04T00:15:02.637", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated." + }, + { + "lang": "es", + "value": "Este problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en iOS 18.0.1 y iPadOS 18.0.1. Es posible que los mensajes de audio en Mensajes puedan capturar algunos segundos de audio antes de que se active el indicador del micr\u00f3fono." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-446xx/CVE-2024-44610.json b/CVE-2024/CVE-2024-446xx/CVE-2024-44610.json index ebe7224e3a6..1605725b5f9 100644 --- a/CVE-2024/CVE-2024-446xx/CVE-2024-44610.json +++ b/CVE-2024/CVE-2024-446xx/CVE-2024-44610.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44610", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T15:15:08.117", - "lastModified": "2024-10-02T06:15:09.210", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection via shell metacharacters in a Software Update to processing.php." + }, + { + "lang": "es", + "value": "PCAN-Ethernet Gateway FD anterior a 1.3.0 y PCAN-Ethernet Gateway anterior a 2.11.0 son vulnerables a la inyecci\u00f3n de comandos a trav\u00e9s de metacaracteres de shell en una actualizaci\u00f3n de software en processing.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44744.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44744.json index 8aab0c1d103..cd492281065 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44744.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44744.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44744", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.573", - "lastModified": "2024-10-01T19:35:08.023", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories." + }, + { + "lang": "es", + "value": "Un problema en Malwarebytes Premium Security v5.0.0.883 permite a los atacantes ejecutar c\u00f3digo arbitrario colocando binarios creados en directorios no especificados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45073.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45073.json index 26cf87acc22..d1050ac7283 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45073.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45073.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45073", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-30T22:15:02.703", - "lastModified": "2024-09-30T22:15:02.703", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + }, + { + "lang": "es", + "value": "IBM WebSphere Application Server 8.5 y 9.0 es vulnerable a cross-site scripting almacenado. Esta vulnerabilidad permite que un usuario privilegiado incorpore c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista y pudiendo provocar la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n de confianza." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45186.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45186.json index 6b3404013e4..92fb222b870 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45186.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45186.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45186", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T05:15:11.743", - "lastModified": "2024-10-02T14:35:06.610", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45367.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45367.json index 13d200f4f0f..6ce5c01336f 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45367.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45367.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45367", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-03T23:15:03.737", - "lastModified": "2024-10-03T23:15:03.737", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password." + }, + { + "lang": "es", + "value": "El servidor web de ONS-S8 - Spectra Aggregation Switch incluye un proceso de autenticaci\u00f3n incompleto, lo que puede provocar que un atacante se autentique sin una contrase\u00f1a." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45408.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45408.json index 45706ec3a23..ac759f2be57 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45408.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45408.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45408", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T15:15:08.220", - "lastModified": "2024-10-01T15:15:08.220", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "eLabFTW is an open source electronic lab notebook for research labs. An incorrect permission check has been found that could allow an authenticated user to access several kinds of otherwise restricted information. If anonymous access is allowed (something disabled by default), this extends to anyone. Users are advised to upgrade to at least version 5.1.0. System administrators can disable anonymous access in the System configuration panel." + }, + { + "lang": "es", + "value": "eLabFTW es un cuaderno de laboratorio electr\u00f3nico de c\u00f3digo abierto para laboratorios de investigaci\u00f3n. Se ha detectado una comprobaci\u00f3n de permisos incorrecta que podr\u00eda permitir que un usuario autenticado acceda a varios tipos de informaci\u00f3n que de otro modo estar\u00eda restringida. Si se permite el acceso an\u00f3nimo (algo deshabilitado de forma predeterminada), esto se extiende a cualquier persona. Se recomienda a los usuarios que actualicen al menos a la versi\u00f3n 5.1.0. Los administradores de System pueden deshabilitar el acceso an\u00f3nimo en el panel de configuraci\u00f3n de System." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-455xx/CVE-2024-45519.json b/CVE-2024/CVE-2024-455xx/CVE-2024-45519.json index 8edc5505f40..d0345298dbd 100644 --- a/CVE-2024/CVE-2024-455xx/CVE-2024-45519.json +++ b/CVE-2024/CVE-2024-455xx/CVE-2024-45519.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45519", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T22:15:02.770", - "lastModified": "2024-10-04T01:00:01.317", - "vulnStatus": "Modified", + "lastModified": "2024-10-04T13:34:19.720", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-10-03", "cisaActionDue": "2024-10-24", diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json index d86de0e0a27..8c4c4994808 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45772", "sourceIdentifier": "security@apache.org", "published": "2024-09-30T09:15:02.670", - "lastModified": "2024-09-30T12:45:57.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T13:20:58.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + }, { "source": "security@apache.org", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + }, { "source": "security@apache.org", "type": "Secondary", @@ -51,10 +81,34 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:lucene:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0", + "versionEndExcluding": "9.12.0", + "matchCriteriaId": "A8A9615B-DC4D-4031-B8F9-2E0A12C4F0A2" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/3f3oph7bqnqspb9q5p0gm5mgc1b6thjo", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45792.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45792.json index 150cc6c2813..2ef48178a8f 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45792.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45792.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45792", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T15:15:05.830", - "lastModified": "2024-09-30T15:15:05.830", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles. This vulnerability is fixed in 2.26.4." + }, + { + "lang": "es", + "value": "Mantis Bug Tracker (MantisBT) es un rastreador de errores de c\u00f3digo abierto. Mediante una solicitud POST manipulada, un usuario registrado sin privilegios puede recuperar informaci\u00f3n sobre los perfiles personales del sistema de otros usuarios. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 2.26.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45870.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45870.json index a088a3d4735..72193b8db8b 100644 --- a/CVE-2024/CVE-2024-458xx/CVE-2024-45870.json +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45870.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45870", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T16:15:06.237", - "lastModified": "2024-10-03T18:35:08.207", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted POC file." + }, + { + "lang": "es", + "value": "Bandisoft BandiView 7.05 es vulnerable a un control de acceso incorrecto en sub_0x3d80fc a trav\u00e9s de un archivo POC manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45871.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45871.json index fdf80c1619c..f50895939c0 100644 --- a/CVE-2024/CVE-2024-458xx/CVE-2024-45871.json +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45871.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45871", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T17:15:14.800", - "lastModified": "2024-10-03T20:35:17.033", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of service (DOS)." + }, + { + "lang": "es", + "value": "Bandisoft BandiView 7.05 tiene un control de acceso incorrecto a trav\u00e9s de sub_0x232bd8, lo que resulta en una denegaci\u00f3n de servicio (DOS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45872.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45872.json index 16e23aeaff0..4693b5776dc 100644 --- a/CVE-2024/CVE-2024-458xx/CVE-2024-45872.json +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45872.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45872", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T17:15:14.867", - "lastModified": "2024-10-03T20:35:17.843", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability occurs due to insufficient validation of PSD files." + }, + { + "lang": "es", + "value": "Bandisoft BandiView 7.05 es vulnerable a un desbordamiento de b\u00fafer a trav\u00e9s de sub_0x410d1d. La vulnerabilidad se produce debido a una validaci\u00f3n insuficiente de los archivos PSD." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45920.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45920.json index 2a25d1c5b21..3ee7538a66b 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45920.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45920.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45920", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T13:15:02.450", - "lastModified": "2024-09-30T18:35:07.773", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in \"Intrest\" feature." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en Solvait 24.4.2 permite a atacantes remotos inyectar secuencias de comandos maliciosas en la aplicaci\u00f3n. Este problema surge debido a una validaci\u00f3n y desinfecci\u00f3n de entradas insuficientes en la funci\u00f3n \"Intrest\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45960.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45960.json index db22a9ade6a..eee635c15a5 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45960.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45960.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45960", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T20:15:11.067", - "lastModified": "2024-10-02T21:35:13.667", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack." + }, + { + "lang": "es", + "value": "Zenario 9.7.61188 permite a los usuarios administradores autenticados cargar archivos PDF que contienen c\u00f3digo malicioso en el sistema de destino. Si se accede al archivo PDF a trav\u00e9s del sitio web, puede desencadenar un ataque de Cross-Site Scripting (XSS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45962.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45962.json index 7b7b7faa8ce..1f72df94d21 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45962.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45962.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45962", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T20:15:11.153", - "lastModified": "2024-10-02T21:35:14.483", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted JavaScript to the target." + }, + { + "lang": "es", + "value": "October 3.6.30 permite a una cuenta de administrador autenticada puede cargar un archivo PDF que contenga JavaScript malicioso en el sistema de destino. Si se accede al archivo a trav\u00e9s del sitio web, podr\u00eda provocar un ataque de Cross-Site Scripting (XSS) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un JavaScript manipulado espec\u00edficamente para el objetivo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45964.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45964.json index a3d069dd465..d9aae1d961b 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45964.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45964.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45964", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T20:15:11.240", - "lastModified": "2024-10-02T21:35:15.363", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the \"Organizer tags\" field." + }, + { + "lang": "es", + "value": "Zenario 9.7.61188 es vulnerable a Cross Site Scripting (XSS) en la librer\u00eda de im\u00e1genes a trav\u00e9s del campo \"Etiquetas del organizador\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45965.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45965.json index fac4a1a988a..a6dfb70f4c9 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45965.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45965.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45965", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T20:15:11.320", - "lastModified": "2024-10-02T21:35:16.147", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target." + }, + { + "lang": "es", + "value": "Contao 5.4.1 permite que una cuenta de administrador autenticada cargue un archivo SVG que contenga c\u00f3digo JavaScript malicioso en el sistema de destino. Si se accede al archivo a trav\u00e9s del sitio web, podr\u00eda provocar un ataque de Cross-Site Scripting (XSS) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un c\u00f3digo JavaScript manipulado espec\u00edficamente para el objetivo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45967.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45967.json index a4cc3bb3815..7343bc97de3 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45967.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45967.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45967", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T15:15:08.467", - "lastModified": "2024-10-01T15:35:14.153", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.php/admin/site/widget." + }, + { + "lang": "es", + "value": "Pagekit 1.0.18 es vulnerable a Cross Site Scripting (XSS) en index.php/admin/site/widget." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45993.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45993.json index 0b0e1f40b28..1b852504ddc 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45993.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45993.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45993", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T17:15:04.473", - "lastModified": "2024-09-30T19:35:05.410", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb." + }, + { + "lang": "es", + "value": "Giflib Project v5.2.2 es vulnerable a un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de gif2rgb." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45999.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45999.json index 870aa8b145f..6f2e59822c6 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45999.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45999.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45999", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T20:15:05.390", - "lastModified": "2024-10-01T20:15:05.390", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en Cloudlog 2.6.15, espec\u00edficamente dentro de la funci\u00f3n get_station_info() ubicada en el archivo /application/models/Oqrs_model.php. La vulnerabilidad se puede explotar a trav\u00e9s del par\u00e1metro station_id." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46079.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46079.json index fd6bd1ee8fc..c3ccb759443 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46079.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46079.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46079", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T19:15:08.373", - "lastModified": "2024-10-01T20:35:15.110", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter." + }, + { + "lang": "es", + "value": "Scriptcase v9.10.023 y anteriores son vulnerables a Cross Site Scripting (XSS) en proj_new.php a trav\u00e9s del par\u00e1metro Descricao." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46080.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46080.json index c2dd9e04c51..38357caa239 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46080.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46080.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46080", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T21:15:06.767", - "lastModified": "2024-10-02T16:35:31.633", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46081.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46081.json index 3da073b2e33..662a22e3745 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46081.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46081.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46081", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T19:15:08.763", - "lastModified": "2024-10-01T20:35:15.930", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform." + }, + { + "lang": "es", + "value": "Scriptcase v9.10.023 y versiones anteriores son vulnerables a ataques de Cross-Site Scripting (XSS). Un usuario autenticado puede manipular payloads maliciosos en la lista de tareas pendientes. El usuario asignado activar\u00e1 un XSS almacenado, lo que es particularmente peligroso porque las tareas se asignan a varios usuarios en la plataforma." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46082.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46082.json index f612e8cba39..171747eca8a 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46082.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46082.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46082", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T21:15:06.857", - "lastModified": "2024-10-02T16:35:32.440", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46083.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46083.json index f779a746392..e2f12f599b9 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46083.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46083.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46083", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T19:15:09.013", - "lastModified": "2024-10-01T20:35:16.743", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious code into any user's account on the platform. It is important to note that regular users can trigger actions for administrator users." + }, + { + "lang": "es", + "value": "Scriptcase v9.10.023 y versiones anteriores son vulnerables a ataques de Cross-Site Scripting (XSS). Un usuario autenticado puede manipular payloads maliciosos mediante la funci\u00f3n de mensajes, que permite la inyecci\u00f3n de c\u00f3digo malicioso en la cuenta de cualquier usuario de la plataforma. Es importante tener en cuenta que los usuarios normales pueden activar acciones para los usuarios administradores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46084.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46084.json index a6374679552..5759cde07e5 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46084.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46084.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46084", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T21:15:06.950", - "lastModified": "2024-10-02T16:35:33.230", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46258.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46258.json index b10ce633984..5de61002ebf 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46258.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46258.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46258", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.667", - "lastModified": "2024-10-01T14:15:05.667", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_load_png_mem() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46259.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46259.json index b8daca072df..20360fb5829 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46259.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46259.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46259", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.753", - "lastModified": "2024-10-01T14:15:05.753", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_unfilter() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_unfilter() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46261.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46261.json index 0c6e2e335a8..a44f4848338 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46261.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46261.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46261", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.833", - "lastModified": "2024-10-01T14:15:05.833", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_make32() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46263.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46263.json index dc198778d9c..5efd466e4ae 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46263.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46263.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46263", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:05.910", - "lastModified": "2024-10-01T14:15:05.910", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n cp_dynamic() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46264.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46264.json index b31f1c55b0b..3bdd5d86f59 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46264.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46264.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46264", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:06.003", - "lastModified": "2024-10-01T14:15:06.003", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_find() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46267.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46267.json index d8da1b9b83f..5501e58310b 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46267.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46267.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46267", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:06.090", - "lastModified": "2024-10-01T14:15:06.090", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_block() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46274.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46274.json index 5ed7fd95afc..8f22853705a 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46274.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46274.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46274", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:06.177", - "lastModified": "2024-10-01T14:15:06.177", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_stored() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46276.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46276.json index 396dd66605f..7a1b2b54401 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46276.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46276.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46276", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-01T14:15:06.260", - "lastModified": "2024-10-01T14:15:06.260", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que cute_png v1.05 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n cp_chunk() en cute_png.h." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46280.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46280.json index f3a8ae17c30..d950bee7744 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46280.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46280.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46280", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T15:15:06.053", - "lastModified": "2024-09-30T18:35:08.543", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them." + }, + { + "lang": "es", + "value": "PIX-LINK LV-WR22 RE3002-P1-01_V117.0 es vulnerable a un control de acceso inadecuado. El servicio TELNET se habilita con credenciales d\u00e9biles para una cuenta de nivel superusuario, sin posibilidad de cambiarlas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46293.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46293.json index eb4555054a1..d8d4cf37ad2 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46293.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46293.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46293", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T15:15:06.123", - "lastModified": "2024-09-30T19:35:06.227", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all." + }, + { + "lang": "es", + "value": "Sourcecodester Online Medicine Ordering System 1.0 es vulnerable a un control de acceso incorrecto. No existen comprobaciones de autorizaci\u00f3n para las operaciones de administraci\u00f3n. En concreto, un atacante puede realizar acciones de nivel de administrador sin poseer un token de sesi\u00f3n v\u00e1lido. La aplicaci\u00f3n no verifica si el usuario ha iniciado sesi\u00f3n como administrador o ni siquiera comprueba si hay un token de sesi\u00f3n. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-463xx/CVE-2024-46313.json b/CVE-2024/CVE-2024-463xx/CVE-2024-46313.json index 22ce5efda3f..d490b0df39c 100644 --- a/CVE-2024/CVE-2024-463xx/CVE-2024-46313.json +++ b/CVE-2024/CVE-2024-463xx/CVE-2024-46313.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46313", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T15:15:06.243", - "lastModified": "2024-09-30T19:35:07.020", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm." + }, + { + "lang": "es", + "value": "TP-Link WR941ND V6 tiene una vulnerabilidad de desbordamiento de pila en el par\u00e1metro ssid en /userRpm/popupSiteSurveyRpm.htm. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46475.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46475.json index e16210917fd..73ca8b91ea0 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46475.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46475.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46475", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T16:15:09.077", - "lastModified": "2024-09-30T18:35:09.327", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard Template v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado en la p\u00e1gina de inicio de Metronic Admin Dashboard Template v2.0 permite a los atacantes ejecutar c\u00f3digo arbitrario en el contexto del navegador de un usuario mediante la inyecci\u00f3n de un payload especialmente manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46503.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46503.json index 6d0f4779ca8..d5cb1a6f634 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46503.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46503.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46503", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T21:15:03.590", - "lastModified": "2024-10-01T15:35:15.667", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46510.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46510.json index e67eea86cde..34fbe338e6b 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46510.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46510.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46510", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T16:15:09.137", - "lastModified": "2024-09-30T21:35:04.967", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ESAFENET CDG v5 was discovered to contain a SQL injection vulnerability via the id parameter in the NavigationAjax interface" + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que ESAFENET CDG v5 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro id en la interfaz NavigationAjax" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46511.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46511.json index b6daad4daa4..78f0af87b49 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46511.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46511.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46511", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T18:15:06.067", - "lastModified": "2024-09-30T19:35:07.990", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LoadZilla LLC LoadLogic v1.4.3 was discovered to contain insecure permissions vulnerability which allows a remote attacker to execute arbitrary code via the LogicLoadEc2DeployLambda and CredsGenFunction function." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que LoadZilla LLC LoadLogic v1.4.3 contiene una vulnerabilidad de permisos inseguros que permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de las funciones LogicLoadEc2DeployLambda y CredsGenFunction." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46540.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46540.json index 7a1264f338a..4c090b51dc4 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46540.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46540.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46540", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T17:15:04.550", - "lastModified": "2024-09-30T18:35:10.127", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before v2.3.15 allows attackers to use remote file downloads and self-extract fucntions to upload webshells to the target server, thereby obtaining system privileges." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto (RCE) en el componente /admin/store.php de Emlog Pro anterior a v2.3.15 permite a los atacantes utilizar descargas de archivos remotas y funciones de autoextracci\u00f3n para cargar webshells al servidor de destino, obteniendo as\u00ed privilegios del sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46548.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46548.json index 6cbc65f6816..bdba78769f9 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46548.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46548.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46548", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T17:15:04.620", - "lastModified": "2024-09-30T21:35:05.733", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TP-Link Tapo P125M y Kasa KP125M v1.0.3 validaban incorrectamente los certificados, lo que permit\u00eda a los atacantes espiar las comunicaciones y acceder a informaci\u00f3n confidencial a trav\u00e9s de un ataque de intermediario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46549.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46549.json index 2077c1c77a4..a5572361835 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46549.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46549.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46549", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T17:15:04.683", - "lastModified": "2024-09-30T21:35:06.490", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users." + }, + { + "lang": "es", + "value": "Un problema en el TP-Link MQTT Broker y el API gateway de TP-Link Kasa KP125M v1.0.3 permite a los atacantes establecer conexiones haci\u00e9ndose pasar por dispositivos propiedad de otros usuarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46626.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46626.json index ab4055e1876..dd136f3b29b 100644 --- a/CVE-2024/CVE-2024-466xx/CVE-2024-46626.json +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46626.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46626", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-02T17:15:20.320", - "lastModified": "2024-10-02T17:35:15.457", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que OS4ED openSIS-Classic v9.1 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s de un payload manipulado espec\u00edficamente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46635.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46635.json index 853fddcf7a0..8902135796b 100644 --- a/CVE-2024/CVE-2024-466xx/CVE-2024-46635.json +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46635.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46635", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-30T18:15:06.140", - "lastModified": "2024-09-30T18:15:06.140", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber parameter." + }, + { + "lang": "es", + "value": "Un problema en el endpoint de la API /AccountMaster/GetCurrentUserInfo de INROAD anterior a v202402060 permite a los atacantes acceder a informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado para el par\u00e1metro UserNameOrPhoneNumber." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46658.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46658.json index 0cae1b7bfcb..9355c3680b8 100644 --- a/CVE-2024/CVE-2024-466xx/CVE-2024-46658.json +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46658.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46658", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T21:15:08.500", - "lastModified": "2024-10-03T21:15:08.500", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos autenticados." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-468xx/CVE-2024-46869.json b/CVE-2024/CVE-2024-468xx/CVE-2024-46869.json index b90d9f162d4..873ea3e506b 100644 --- a/CVE-2024/CVE-2024-468xx/CVE-2024-46869.json +++ b/CVE-2024/CVE-2024-468xx/CVE-2024-46869.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46869", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-30T16:15:09.200", - "lastModified": "2024-09-30T16:15:09.200", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel_pcie: Allocate memory for driver private data\n\nFix driver not allocating memory for struct btintel_data which is used\nto store internal data." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btintel_pcie: Asignar memoria para datos privados del controlador Se corrige el problema que provoca que el controlador no asigne memoria para la estructura btintel_data que se utiliza para almacenar datos internos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46977.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46977.json index 125f328b266..55152ec1938 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46977.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46977.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46977", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T20:15:11.400", - "lastModified": "2024-10-02T20:15:11.400", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method allows an authenticated user with adequate permissions to download any .txt via the ScreensController#show on the web server COSMOS is running on (depending on the file permissions). This vulnerability is fixed in 5.19.0." + }, + { + "lang": "es", + "value": "OpenC3 COSMOS proporciona la funcionalidad necesaria para enviar comandos a uno o m\u00e1s sistemas integrados y recibir datos de ellos. Una vulnerabilidad de path traversal dentro del m\u00e9todo open_local_file de LocalMode permite que un usuario autenticado con los permisos adecuados descargue cualquier archivo .txt a trav\u00e9s de ScreensController#show en el servidor web en el que se ejecuta COSMOS (seg\u00fan los permisos de archivo). Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 5.19.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47063.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47063.json index db58c32f123..14b626729e6 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47063.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47063.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47063", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T15:15:06.293", - "lastModified": "2024-09-30T15:15:06.293", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue." + }, + { + "lang": "es", + "value": "Computer Vision Annotation Tool (CVAT) es una herramienta interactiva de anotaci\u00f3n de im\u00e1genes y videos para la visi\u00f3n artificial. Si un usuario malintencionado de CVAT con permisos para crear una tarea o editar una tarea existente puede enga\u00f1ar a otro usuario conectado para que visite una URL manipulada de forma malintencionada, puede iniciar cualquier llamada a la API en nombre de ese usuario. Esto le otorga al atacante acceso temporal a todos los datos a los que tiene acceso el usuario v\u00edctima. Actualice a CVAT 2.19.0 o una versi\u00f3n posterior para solucionar este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47064.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47064.json index 11ae093bf2a..9600d3772b3 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47064.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47064.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47064", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T15:15:06.413", - "lastModified": "2024-09-30T15:15:06.413", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue." + }, + { + "lang": "es", + "value": "Computer Vision Annotation Tool (CVAT) es una herramienta interactiva de anotaci\u00f3n de im\u00e1genes y videos para visi\u00f3n artificial. Si un atacante puede enga\u00f1ar a un usuario de CVAT que haya iniciado sesi\u00f3n para que visite una URL manipulada de forma malintencionada, puede iniciar cualquier llamada a la API en nombre de ese usuario. Esto le otorga al atacante acceso temporal a todos los datos a los que tiene acceso el usuario v\u00edctima. Actualice a CVAT 2.19.0 o una versi\u00f3n posterior para solucionar este problema. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47067.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47067.json index aa1fdfffd0e..b2dc1127bd1 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47067.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47067.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47067", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T16:15:09.267", - "lastModified": "2024-09-30T16:15:09.267", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:link_name takes in a user-provided value and reflects it back in the response. The endpoint returns an application/xml response, opening it up to HTML tags via XHTML and thus leading to a XSS vulnerability. This vulnerability is fixed in 3.29.0." + }, + { + "lang": "es", + "value": "AList es un programa de listas de archivos que admite varios almacenamientos. AList contiene una vulnerabilidad de cross-site scripting reflejado en helper.go. El punto de conexi\u00f3n /i/:link_name toma un valor proporcionado por el usuario y lo refleja en la respuesta. El punto de conexi\u00f3n devuelve una respuesta application/xml, lo que la abre a las etiquetas HTML a trav\u00e9s de XHTML y, por lo tanto, genera una vulnerabilidad XSS. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 3.29.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47071.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47071.json index 8935cc4be1a..96fd89f269a 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47071.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47071.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47071", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T16:15:09.637", - "lastModified": "2024-10-01T16:15:09.637", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions of the webserver process. This vulnerability is fixed in 14.0.4." + }, + { + "lang": "es", + "value": "OSS Endpoint Manager es un m\u00f3dulo de administraci\u00f3n de endpoints para FreePBX. La activaci\u00f3n del m\u00f3dulo OSS Endpoint Manager puede permitir que usuarios web autenticados accedan sin autorizaci\u00f3n a archivos del sistema con los permisos del proceso del servidor web. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 14.0.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47134.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47134.json index 13950edd852..ed144bfe490 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47134.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47134.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47134", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-03T03:15:02.443", - "lastModified": "2024-10-03T03:15:02.443", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de escritura fuera de los l\u00edmites en el software de programaci\u00f3n de PLC Kostac (nombre anterior: software de programaci\u00f3n de PLC Koyo) versi\u00f3n 1.6.14.0 y anteriores. Si un usuario abre un archivo de proyecto especialmente manipulado que se guard\u00f3 con el software de programaci\u00f3n de PLC Kostac versi\u00f3n 1.6.9.0 y anteriores, puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS), ejecuci\u00f3n de c\u00f3digo arbitrario o divulgaci\u00f3n de informaci\u00f3n debido a que los problemas existen en el an\u00e1lisis de los archivos de proyecto de KPP." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47135.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47135.json index f37edddd19b..1eac98a49b8 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47135.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47135.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47135", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-03T03:15:02.697", - "lastModified": "2024-10-03T03:15:02.697", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer basado en pila en el software de programaci\u00f3n de PLC Kostac (nombre anterior: software de programaci\u00f3n de PLC Koyo) versi\u00f3n 1.6.14.0 y anteriores. Si un usuario abre un archivo de proyecto especialmente manipulado que se guard\u00f3 con el software de programaci\u00f3n de PLC Kostac versi\u00f3n 1.6.9.0 y anteriores, puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS), ejecuci\u00f3n de c\u00f3digo arbitrario o divulgaci\u00f3n de informaci\u00f3n debido a que los problemas existen en el an\u00e1lisis de los archivos de proyecto de KPP." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47136.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47136.json index e168d183aa9..883f870f9e3 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47136.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47136.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47136", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-03T03:15:02.903", - "lastModified": "2024-10-03T03:15:02.903", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de lectura fuera de los l\u00edmites en el software de programaci\u00f3n de PLC Kostac (nombre anterior: Koyo PLC Programming Software) versi\u00f3n 1.6.14.0 y anteriores. Si un usuario abre un archivo de proyecto especialmente manipulado que se guard\u00f3 con el software de programaci\u00f3n de PLC Kostac versi\u00f3n 1.6.9.0 y anteriores, puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS), ejecuci\u00f3n de c\u00f3digo arbitrario o divulgaci\u00f3n de informaci\u00f3n debido a que los problemas existen en el an\u00e1lisis de los archivos de proyecto de KPP." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47172.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47172.json index ef89204e27f..555b113d4af 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47172.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47172.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47172", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T15:15:06.523", - "lastModified": "2024-09-30T15:15:06.523", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task, job or membership resource on the CVAT instance. The information exposed in this way is the same as the information returned on a GET request to the resource. In addition, the attacker can also alter the default source and target storage associated with any project or task. Upgrade to CVAT 2.19.1 or any later version to fix the issue." + }, + { + "lang": "es", + "value": "Computer Vision Annotation Tool (CVAT) es una herramienta interactiva de anotaci\u00f3n de im\u00e1genes y videos para visi\u00f3n artificial. Un atacante con una cuenta CVAT puede recuperar cierta informaci\u00f3n sobre cualquier proyecto, tarea, trabajo o recurso de membres\u00eda en la instancia CVAT. La informaci\u00f3n expuesta de esta manera es la misma que la informaci\u00f3n devuelta en una solicitud GET al recurso. Adem\u00e1s, el atacante tambi\u00e9n puede alterar el almacenamiento de origen y destino predeterminado asociado con cualquier proyecto o tarea. Actualice a CVAT 2.19.1 o cualquier versi\u00f3n posterior para solucionar el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47178.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47178.json index 62dda93d773..9a20f391a6c 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47178.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47178.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47178", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T16:15:09.410", - "lastModified": "2024-09-30T16:15:09.410", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0." + }, + { + "lang": "es", + "value": "basic-auth-connect es el middleware de autenticaci\u00f3n b\u00e1sica de Connect en su propio m\u00f3dulo. basic-auth-connect < 1.1.0 utiliza una comparaci\u00f3n de igualdad que no es segura en cuanto al tiempo y que puede filtrar informaci\u00f3n sobre el tiempo. Este problema se ha solucionado en basic-auth-connect 1.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-472xx/CVE-2024-47295.json b/CVE-2024/CVE-2024-472xx/CVE-2024-47295.json index 228190d5058..f0b3eb9597c 100644 --- a/CVE-2024/CVE-2024-472xx/CVE-2024-47295.json +++ b/CVE-2024/CVE-2024-472xx/CVE-2024-47295.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47295", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-01T04:15:18.040", - "lastModified": "2024-10-01T14:35:03.430", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47396.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47396.json index b19124d2584..592b165e451 100644 --- a/CVE-2024/CVE-2024-473xx/CVE-2024-47396.json +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47396.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47396", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-01T02:15:09.933", - "lastModified": "2024-10-01T02:15:09.933", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en moveaddons Move Addons for Elementor permite XSS almacenado. Este problema afecta a Move Addons for Elementor: desde n/a hasta 1.3.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47523.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47523.json index b6d25413439..9ef6758899e 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47523.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47523.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47523", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:07.050", - "lastModified": "2024-10-01T21:15:07.050", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Alert Transports\" feature allows authenticated users to inject arbitrary JavaScript through the \"Details\" section (which contains multiple fields depending on which transport is selected at that moment). This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado en la funci\u00f3n \"Alert Transports\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s de la secci\u00f3n \"Detalles\" (que contiene varios campos seg\u00fan el transporte seleccionado en ese momento). Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, lo que podr\u00eda comprometer sus cuentas y permitir acciones no autorizadas. Esta vulnerabilidad se ha corregido en la versi\u00f3n 24.9.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47524.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47524.json index e8c9789e7d2..77a5a8fb044 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47524.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47524.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47524", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:07.297", - "lastModified": "2024-10-01T21:15:07.297", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Groups name, when user see the detail of the Device Group, if java script code is inside the name of the Device Groups, its will be trigger. This vulnerability is fixed in 24.9.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. El usuario con rol de administrador puede crear un grupo de dispositivos, pero la aplicaci\u00f3n no desinfect\u00f3 correctamente la entrada del usuario en el nombre del grupo de dispositivos. Cuando el usuario ve los detalles del grupo de dispositivos, si el c\u00f3digo de Java script est\u00e1 dentro del nombre del grupo de dispositivos, se activar\u00e1. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.9.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47525.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47525.json index 9cf3251060a..060cb013118 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47525.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47525.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47525", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:07.520", - "lastModified": "2024-10-01T21:15:07.520", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Alert Rules\" feature allows authenticated users to inject arbitrary JavaScript through the \"Title\" field. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la funci\u00f3n \"Reglas de alerta\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del campo \"T\u00edtulo\". Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, lo que podr\u00eda comprometer sus cuentas y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.9.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47526.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47526.json index 54bca22a685..b2bd047d41c 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47526.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47526.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47526", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:07.740", - "lastModified": "2024-10-01T21:15:07.740", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the \"Alert Templates\" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo Self Cross-Site Scripting (Self-XSS) en la funci\u00f3n \"Alert Templates\" permite a los usuarios inyectar c\u00f3digo JavaScript arbitrario en el nombre de la plantilla de alerta. Este script se ejecuta inmediatamente despu\u00e9s de enviarlo, pero no persiste despu\u00e9s de actualizar la p\u00e1gina." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47527.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47527.json index a25be950aca..5808ede252b 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47527.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47527.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47527", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:07.967", - "lastModified": "2024-10-01T21:15:07.967", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Device Dependencies\" feature allows authenticated users to inject arbitrary JavaScript through the device name (\"hostname\" parameter). This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la funci\u00f3n \"Dependencias del dispositivo\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del nombre del dispositivo (par\u00e1metro \"hostname\"). Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, lo que podr\u00eda comprometer sus cuentas y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.9.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47528.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47528.json index afa04f56118..597607a6030 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47528.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47528.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47528", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:08.273", - "lastModified": "2024-10-02T13:35:02.263", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47529.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47529.json index 10c9b0a5772..38595716638 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47529.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47529.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47529", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T20:15:11.740", - "lastModified": "2024-10-02T20:15:11.740", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting (see GHSL-2024-128). This vulnerability is fixed in 5.19.0. This only affects Open Source edition, and not OpenC3 COSMOS Enterprise Edition." + }, + { + "lang": "es", + "value": "OpenC3 COSMOS proporciona la funcionalidad necesaria para enviar comandos a uno o m\u00e1s sistemas integrados y recibir datos de ellos. OpenC3 COSMOS almacena la contrase\u00f1a de un usuario sin cifrar en el almacenamiento local de un navegador web. Esto hace que la contrase\u00f1a del usuario sea susceptible a la exfiltraci\u00f3n mediante Cross-Site Scripting (consulte GHSL-2024-128). Esta vulnerabilidad se ha corregido en la versi\u00f3n 5.19.0. Esto solo afecta a la edici\u00f3n Open Source, no a la OpenC3 COSMOS Enterprise Edition." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47530.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47530.json index 397c24cb262..b79d7b13975 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47530.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47530.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47530", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T16:15:09.540", - "lastModified": "2024-09-30T16:15:09.540", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lack of scheme validation, HTTPS Downgrade Attack can be performed on the users. This vulnerability is fixed in 4.89." + }, + { + "lang": "es", + "value": "Scout es un visualizador basado en la web para archivos VCF. La vulnerabilidad de redirecci\u00f3n abierta permite realizar ataques de phishing a los usuarios al redirigirlos a una p\u00e1gina maliciosa. El endpoint de la API /login es vulnerable a ataques de redirecci\u00f3n abierta a trav\u00e9s del siguiente par\u00e1metro debido a la ausencia de l\u00f3gica de desinfecci\u00f3n. Adem\u00e1s, debido a la falta de validaci\u00f3n del esquema, se puede realizar un ataque de degradaci\u00f3n de HTTPS a los usuarios. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 4.89." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47531.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47531.json index 84014d6f05a..c0d2fe0236a 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47531.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47531.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47531", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T16:15:09.750", - "lastModified": "2024-09-30T16:15:09.750", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users' devices or data. This vulnerability is fixed in 4.89." + }, + { + "lang": "es", + "value": "Scout es un visualizador web para archivos VCF. Debido a la falta de desinfecci\u00f3n en el nombre de archivo, es posible eludir la extensi\u00f3n de archivo deseada y hacer que los usuarios descarguen archivos maliciosos con cualquier extensi\u00f3n. Si se inyecta contenido malicioso dentro de los datos del archivo y los usuarios lo descargan y abren sin saberlo, es posible que se vean comprometidos los dispositivos o los datos de los usuarios. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 4.89." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47532.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47532.json index 20ed68a9895..5b8b28b1c0e 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47532.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47532.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47532", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T16:15:09.960", - "lastModified": "2024-09-30T16:15:09.960", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment." + }, + { + "lang": "es", + "value": "RestrictedPython es un entorno de ejecuci\u00f3n restringido para que Python ejecute c\u00f3digo no confiable. Un usuario puede obtener acceso a informaci\u00f3n protegida (y potencialmente sensible) indirectamente a trav\u00e9s de AttributeError.obj y el m\u00f3dulo de cadena. El problema se solucionar\u00e1 en la versi\u00f3n 7.3. Como workaround, si la aplicaci\u00f3n no requiere acceso a la cadena del m\u00f3dulo, puede eliminarla de RestrictedPython.Utilities.utility_builtins o, de lo contrario, no ponerla a disposici\u00f3n en el entorno de ejecuci\u00f3n restringido." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47534.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47534.json index 056bf95a576..9d6da079d83 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47534.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47534.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47534", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T16:15:09.857", - "lastModified": "2024-10-01T18:35:09.730", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "go-tuf is a Go implementation of The Update Framework (TUF). The go-tuf client inconsistently traces the delegations. For example, if targets delegate to \"A\", and to \"B\", and \"B\" delegates to \"C\", then the client should trace the delegations in the order \"A\" then \"B\" then \"C\" but it may incorrectly trace the delegations \"B\"->\"C\"->\"A\". This vulnerability is fixed in 2.0.1." + }, + { + "lang": "es", + "value": "go-tuf es una implementaci\u00f3n de Go de The Update Framework (TUF). El cliente go-tuf rastrea las delegaciones de forma inconsistente. Por ejemplo, si los destinos delegan a \"A\" y a \"B\", y \"B\" delega a \"C\", entonces el cliente deber\u00eda rastrear las delegaciones en el orden \"A\", luego \"B\" y luego \"C\", pero puede rastrear incorrectamente las delegaciones \"B\" -> \"C\" -> \"A\". Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 2.0.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47536.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47536.json index 0085df51f3d..741f9fb6d91 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47536.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47536.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47536", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-30T17:15:04.780", - "lastModified": "2024-09-30T17:15:04.780", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their \"real name\" to an XSS payload. This vulnerability is fixed in 2.31.0." + }, + { + "lang": "es", + "value": "Citizen es una interfaz de MediaWiki que hace que las extensiones formen parte de la experiencia cohesiva. Un usuario con el derecho editmyprivateinfo o que pueda cambiar su nombre de otra manera puede realizar un XSS a s\u00ed mismo configurando su \"nombre real\" en un payload XSS. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 2.31.0. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json index 12dbc7e2a83..08adf1a0404 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47554", "sourceIdentifier": "security@apache.org", "published": "2024-10-03T12:15:02.613", - "lastModified": "2024-10-03T12:15:02.613", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de consumo descontrolado de recursos en Apache Commons IO. La clase org.apache.commons.io.input.XmlStreamReader puede consumir recursos de CPU en exceso al procesar una entrada manipulada con fines malintencionados. Este problema afecta a Apache Commons IO: desde la versi\u00f3n 2.0 hasta la 2.14.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.14.0 o posterior, que soluciona el problema." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47560.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47560.json index 738d86222b9..0dac424d0e9 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47560.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47560.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47560", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-01T02:15:10.143", - "lastModified": "2024-10-01T02:15:10.143", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local environment. However, information in the sandbox environment may be disclosed to outside or behaviors of the sandbox environment may be violated by tampering registry." + }, + { + "lang": "es", + "value": "RevoWorks Cloud Client 3.0.91 y versiones anteriores contienen una vulnerabilidad de autorizaci\u00f3n incorrecta. Si se explota esta vulnerabilidad, se pueden ejecutar procesos no deseados en el entorno de la sandbox. Incluso si se ejecuta malware en el entorno de la sandbox, no compromete el entorno local del cliente. Sin embargo, la informaci\u00f3n del entorno de la sandbox puede divulgarse al exterior o se pueden violar los comportamientos del entorno de la sandbox mediante la manipulaci\u00f3n del registro." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47561.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47561.json index 325ab066e2b..5412969f662 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47561.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47561.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47561", "sourceIdentifier": "security@apache.org", "published": "2024-10-03T11:15:13.510", - "lastModified": "2024-10-03T19:35:17.510", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47604.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47604.json index 45ce038d281..e151704a02c 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47604.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47604.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47604", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T16:15:10.003", - "lastModified": "2024-10-01T16:15:10.003", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser." + }, + { + "lang": "es", + "value": "NuGet Gallery es un repositorio de paquetes que alimenta a nuget.org. NuGetGallery tiene una vulnerabilidad de seguridad en su manejo de atributos de elementos HTML, lo que permite a un atacante ejecutar c\u00f3digo HTML o Javascript arbitrario en el navegador de la v\u00edctima." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47608.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47608.json index 9ac2d7a473f..db76812f937 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47608.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47608.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47608", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T17:15:08.970", - "lastModified": "2024-10-01T17:15:08.970", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2." + }, + { + "lang": "es", + "value": "Logicytics est\u00e1 dise\u00f1ado para recolectar y recopilar datos para an\u00e1lisis forense. Logicytics tiene una vulnerabilidad b\u00e1sica que afecta a los dispositivos afectados por inyecciones de shell. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 2.3.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47609.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47609.json index 24e83921a51..affe718389a 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47609.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47609.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47609", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-01T21:15:08.400", - "lastModified": "2024-10-02T14:35:07.770", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47611.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47611.json index 6b303205e93..c4a7105041b 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47611.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47611.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47611", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T15:15:14.980", - "lastModified": "2024-10-02T16:35:34.060", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters (for example, filenames) that don't exist in the current legacy code page, the characters are converted to similar-looking characters with best-fit mapping. Some best-fit mappings result in ASCII characters that change the meaning of the command line, which can be exploited with malicious filenames to do argument injection or directory traversal attacks. This vulnerability is fixed in 5.6.3. Command line tools built for Cygwin or MSYS2 are unaffected. liblzma is unaffected." + }, + { + "lang": "es", + "value": "XZ Utils proporciona una librer\u00eda de compresi\u00f3n de datos de prop\u00f3sito general m\u00e1s herramientas de l\u00ednea de comandos. Cuando se crean para Windows nativo (MinGW-w64 o MSVC), las herramientas de l\u00ednea de comandos de XZ Utils 5.6.2 y anteriores tienen una vulnerabilidad de inyecci\u00f3n de argumentos en la l\u00ednea de comandos. Si una l\u00ednea de comandos contiene caracteres Unicode (por ejemplo, nombres de archivos) que no existen en la p\u00e1gina de c\u00f3digos heredada actual, los caracteres se convierten en caracteres de apariencia similar con una asignaci\u00f3n de mejor ajuste. Algunas asignaciones de mejor ajuste dan como resultado caracteres ASCII que cambian el significado de la l\u00ednea de comandos, lo que se puede explotar con nombres de archivos maliciosos para realizar ataques de inyecci\u00f3n de argumentos o de directory traversal. Esta vulnerabilidad se corrigi\u00f3 en 5.6.3. Las herramientas de l\u00ednea de comandos creadas para Cygwin o MSYS2 no se ven afectadas. liblzma no se ve afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47612.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47612.json index be6f94928a0..d548e206a8b 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47612.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47612.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47612", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T15:15:15.133", - "lastModified": "2024-10-02T15:15:15.133", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). If these messages are edited (which requires the (editinterface) right by default), anyone who can view Special:DataDump (which requires the (view-dump) right by default) can be XSSed. This vulnerability is fixed with 601688ee8e8808a23b102fa305b178f27cbd226d." + }, + { + "lang": "es", + "value": "DataDump es una extensi\u00f3n de MediaWiki que proporciona volcados de wikis. Varios mensajes de interfaz no tienen caracteres de escape (m\u00e1s espec\u00edficamente, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). Si se editan estos mensajes (lo que requiere el derecho (editinterface) de forma predeterminada), cualquiera que pueda ver Special:DataDump (que requiere el derecho (view-dump) de forma predeterminada) puede ser v\u00edctima de XSS. Esta vulnerabilidad se corrige con 601688ee8e8808a23b102fa305b178f27cbd226d." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47614.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47614.json index da27a3dd016..383041eba4d 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47614.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47614.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47614", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-03T15:15:14.720", - "lastModified": "2024-10-03T15:15:14.720", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10." + }, + { + "lang": "es", + "value": "async-graphql es una librer\u00eda de servidor GraphQL implementada en Rust. async-graphql anterior a la versi\u00f3n 7.0.10 no limita la cantidad de directivas para un campo. Esto puede provocar la interrupci\u00f3n del servicio, el agotamiento de los recursos y la degradaci\u00f3n de la experiencia del usuario. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 7.0.10." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47616.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47616.json index 93a423657e6..572c5340360 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47616.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47616.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47616", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-02T22:15:03.010", - "lastModified": "2024-10-02T22:15:03.010", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pomerium is an identity and context-aware access proxy. The Pomerium databroker service is responsible for managing all persistent Pomerium application state. Requests to the databroker service API are authorized by the presence of a JSON Web Token (JWT) signed by a key known by all Pomerium services in the same deployment. However, incomplete validation of this JWT meant that some service account access tokens would incorrectly be treated as valid for the purpose of databroker API authorization. Improper access to the databroker API could allow exfiltration of user info, spoofing of user sessions, or tampering with Pomerium routes, policies, and other settings. A Pomerium deployment is susceptible to this issue if all of the following conditions are met, you have issued a service account access token using Pomerium Zero or Pomerium Enterprise, the access token has an explicit expiration date in the future, and the core Pomerium databroker gRPC API is not otherwise secured by network access controls. This vulnerability is fixed in 0.27.1." + }, + { + "lang": "es", + "value": "Pomerium es un proxy de acceso que reconoce la identidad y el contexto. El servicio de agente de datos Pomerium es responsable de administrar todo el estado persistente de la aplicaci\u00f3n Pomerium. Las solicitudes a la API del servicio de agente de datos se autorizan mediante la presencia de un token web JSON (JWT) firmado por una clave conocida por todos los servicios Pomerium en la misma implementaci\u00f3n. Sin embargo, la validaci\u00f3n incompleta de este JWT significaba que algunos tokens de acceso a la cuenta de servicio se tratar\u00edan incorrectamente como v\u00e1lidos para el prop\u00f3sito de la autorizaci\u00f3n de la API del agente de datos. El acceso inadecuado a la API del agente de datos podr\u00eda permitir la exfiltraci\u00f3n de informaci\u00f3n del usuario, la suplantaci\u00f3n de sesiones de usuario o la manipulaci\u00f3n de las rutas, pol\u00edticas y otras configuraciones de Pomerium. Una implementaci\u00f3n de Pomerium es susceptible a este problema si se cumplen todas las siguientes condiciones: ha emitido un token de acceso a la cuenta de servicio mediante Pomerium Zero o Pomerium Enterprise, el token de acceso tiene una fecha de vencimiento expl\u00edcita en el futuro y la API gRPC del agente de datos Pomerium principal no est\u00e1 protegida de otra manera por controles de acceso a la red. Esta vulnerabilidad se corrigi\u00f3 en 0.27.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47617.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47617.json index 11d38328c30..c2fd5c2bf26 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47617.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47617.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47617", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-03T15:15:14.937", - "lastModified": "2024-10-03T15:15:14.937", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scripting (XSS) issue, which could potentially allow attackers to steal sensitive information, manipulate the website's content, or perform actions on behalf of the victim. This vulnerability is fixed in 2.6.5 and 2.5.21." + }, + { + "lang": "es", + "value": "Sulu es un sistema de gesti\u00f3n de contenido PHP. Esta vulnerabilidad permite a un atacante inyectar c\u00f3digo HTML/JavaScript arbitrario a trav\u00e9s de la URL de descarga de medios en Sulu CMS. Afecta al componente SuluMediaBundle. La vulnerabilidad es un problema de Cross-Site Scripting (XSS) Reflejado, que podr\u00eda permitir a los atacantes robar informaci\u00f3n confidencial, manipular el contenido del sitio web o realizar acciones en nombre de la v\u00edctima. Esta vulnerabilidad se ha corregido en las versiones 2.6.5 y 2.5.21." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47618.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47618.json index 94a012eeadb..35a78a20861 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47618.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47618.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47618", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-03T15:15:15.147", - "lastModified": "2024-10-03T15:15:15.147", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the \u201cMedia\u201d section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims\u2019 (other users including admins) browsers. This issue is fixed in 2.6.5." + }, + { + "lang": "es", + "value": "Sulu es un sistema de gesti\u00f3n de contenido PHP. Sulu es vulnerable a XSS, ya que un usuario con pocos privilegios y acceso a la secci\u00f3n \u201cMedios\u201d puede cargar un archivo SVG con una carga maliciosa. Una vez cargado y accedido, el c\u00f3digo JavaScript malicioso se ejecutar\u00e1 en los navegadores de las v\u00edctimas (otros usuarios, incluidos los administradores). Este problema se solucion\u00f3 en la versi\u00f3n 2.6.5." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47641.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47641.json index b38ccc59f46..f88954ea07d 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47641.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47641.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47641", "sourceIdentifier": "audit@patchstack.com", "published": "2024-09-30T13:15:02.570", - "lastModified": "2024-09-30T13:15:02.570", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloperr Confetti Fall Animation allows Stored XSS.This issue affects Confetti Fall Animation: from n/a through 1.3.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en WPDeveloperr Confetti Fall Animation permite XSS almacenado. Este problema afecta a Confetti Fall Animation: desde n/a hasta 1.3.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47651.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47651.json new file mode 100644 index 00000000000..e828d09946b --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47651.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47651", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T12:15:12.710", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this vulnerability by including multiple \u201cuserid\u201d parameters in the API request body leading to unauthorized access of sensitive information belonging to other users." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.1, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-235" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47652.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47652.json new file mode 100644 index 00000000000..a25e1b235b2 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47652.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47652", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:11.417", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in Shilpi Client Dashboard due to implementation of inadequate authentication mechanism in the login module wherein access to any users account is granted with just their corresponding mobile number. A remote attacker could exploit this vulnerability by providing mobile number of targeted user, to obtain complete access to the targeted user account." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.6, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-308" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47653.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47653.json new file mode 100644 index 00000000000..b14879859db --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47653.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47653", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:11.563", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for modification and cancellation requests through certain API endpoints. An authenticated remote attacker could exploit this vulnerability by placing or cancelling requests through API request body leading to unauthorized modification of requests belonging to the other users." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.1, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47654.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47654.json new file mode 100644 index 00000000000..ea60623cfc3 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47654.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47654", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:11.680", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead to the OTP bombing on the targeted system." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.1, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-799" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47655.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47655.json new file mode 100644 index 00000000000..a8e8c6f8f0e --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47655.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47655", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:11.797", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files being uploaded other than the specified extension. An authenticated remote attacker could exploit this vulnerability by uploading malicious file, which could lead to remote code execution on targeted application." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.6, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47656.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47656.json new file mode 100644 index 00000000000..602993e874c --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47656.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47656", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:11.910", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack on password, which could lead to gain unauthorized access to other user accounts." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47657.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47657.json new file mode 100644 index 00000000000..3085ddb9223 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47657.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47657", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:12.023", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter dfclientid through API request URLs which could lead to unauthorized access to sensitive information belonging to other users." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.1, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47762.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47762.json index 08af17d0815..f8850571ce3 100644 --- a/CVE-2024/CVE-2024-477xx/CVE-2024-47762.json +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47762.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47762", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-03T18:15:05.287", - "lastModified": "2024-10-03T18:15:05.287", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example APP_CONFIG_backend_listen_port=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret visibility. This was an intended feature of the APP_CONFIG_* way of supplying configuration, but now clearly goes against the expected behavior of the configuration system. This behavior leads to a risk of potentially exposing sensitive configuration details intended to remain private or restricted to backend processes. The issue has been resolved in version 0.3.75 of the @backstage/plugin-app-backend package. As a temporary measure, avoid supplying secrets using the APP_CONFIG_ configuration pattern. Consider alternative methods for setting secrets, such as the environment substitution available for Backstage configuration." + }, + { + "lang": "es", + "value": "Backstage es un framework abierto para crear portales para desarrolladores. La configuraci\u00f3n suministrada a trav\u00e9s de las variables de entorno APP_CONFIG_*, por ejemplo APP_CONFIG_backend_listen_port=7007, ignoraba inesperadamente la visibilidad definida en el esquema de configuraci\u00f3n. Esto ocurr\u00eda incluso si el esquema de configuraci\u00f3n especificaba que deb\u00edan tener visibilidad secreta o de backend. Esta era una caracter\u00edstica prevista de la forma APP_CONFIG_* de suministrar configuraci\u00f3n, pero ahora claramente va en contra del comportamiento esperado del sistema de configuraci\u00f3n. Este comportamiento conlleva un riesgo de exponer potencialmente detalles de configuraci\u00f3n confidenciales que se pretende que permanezcan privados o restringidos a los procesos de backend. El problema se ha resuelto en la versi\u00f3n 0.3.75 del paquete @backstage/plugin-app-backend. Como medida temporal, evite suministrar secretos mediante el patr\u00f3n de configuraci\u00f3n APP_CONFIG_. Considere m\u00e9todos alternativos para configurar secretos, como la sustituci\u00f3n de entorno disponible para la configuraci\u00f3n de Backstage." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47789.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47789.json new file mode 100644 index 00000000000..1827e8e779c --- /dev/null +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47789.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47789", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:12.137", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP packet leading to exposure of user credentials of the targeted device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0314", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47790.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47790.json new file mode 100644 index 00000000000..9684fa48005 --- /dev/null +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47790.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47790", + "sourceIdentifier": "vdisclose@cert-in.org.in", + "published": "2024-10-04T13:15:12.260", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of insecure Real-Time Streaming Protocol (RTSP) version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed of the targeted device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "vdisclose@cert-in.org.in", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0314", + "source": "vdisclose@cert-in.org.in" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47803.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47803.json index 011839eeb48..d11b1ec688d 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47803.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47803.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47803", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-10-02T16:15:10.630", - "lastModified": "2024-10-02T16:15:10.630", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field." + }, + { + "lang": "es", + "value": "Jenkins 2.478 y anteriores, LTS 2.462.2 y anteriores no redactan valores secretos de varias l\u00edneas en los mensajes de error generados para env\u00edos de formularios que involucran el campo de formulario `secretTextarea`." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47804.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47804.json index c4c54aeb9d3..96294ec8101 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47804.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47804.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47804", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-10-02T16:15:10.697", - "lastModified": "2024-10-02T16:15:10.697", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction." + }, + { + "lang": "es", + "value": "Si se intenta crear un elemento de un tipo prohibido por `ACL#hasCreatePermission2` o `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` a trav\u00e9s de la CLI de Jenkins o la API REST y cualquiera de estas comprobaciones falla, Jenkins 2.478 y anteriores, LTS 2.462.2 y anteriores crean el elemento en la memoria, solo elimin\u00e1ndolo del disco, lo que permite a los atacantes con permiso de Elemento/Configurar guardar el elemento para persistirlo, eludiendo efectivamente la restricci\u00f3n de creaci\u00f3n de elementos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47805.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47805.json index 0f584a6835c..3c688a36728 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47805.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47805.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47805", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-10-02T16:15:10.753", - "lastModified": "2024-10-02T16:15:10.753", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `config.xml` via REST API or CLI." + }, + { + "lang": "es", + "value": "El complemento de credenciales de Jenkins 1380.va_435002fa_924 y anteriores, excepto 1371.1373.v4eb_fa_b_7161e9, no redacta los valores cifrados de las credenciales que utilizan el tipo `SecretBytes` al acceder al elemento `config.xml` a trav\u00e9s de la API REST o la CLI." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47806.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47806.json index f07b8dabfc9..e11411fab09 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47806.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47806.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47806", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-10-02T16:15:10.807", - "lastModified": "2024-10-02T17:35:16.567", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins." + }, + { + "lang": "es", + "value": "El complemento de autenticaci\u00f3n Jenkins OpenId Connect 4.354.v321ce67a_1de8 y versiones anteriores no verifica la declaraci\u00f3n `aud` (Audiencia) de un token de identificaci\u00f3n, lo que permite a los atacantes subvertir el flujo de autenticaci\u00f3n y potencialmente obtener acceso de administrador a Jenkins." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47807.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47807.json index 47d18e1b8b5..af49a9c79c2 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47807.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47807.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47807", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-10-02T16:15:10.857", - "lastModified": "2024-10-02T17:35:17.357", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins." + }, + { + "lang": "es", + "value": "El complemento de autenticaci\u00f3n Jenkins OpenId Connect 4.354.v321ce67a_1de8 y versiones anteriores no verifica la declaraci\u00f3n `iss` (Emisor) de un token de identificaci\u00f3n, lo que permite a los atacantes subvertir el flujo de autenticaci\u00f3n y potencialmente obtener acceso de administrador a Jenkins." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47850.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47850.json index debd53f2ea8..cdd4f38a640 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47850.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47850.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47850", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-04T05:15:11.243", - "lastModified": "2024-10-04T05:15:11.243", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.)" + }, + { + "lang": "es", + "value": "Los CUPS que se ejecutan antes de la versi\u00f3n 2.5b1 enviar\u00e1n una solicitud HTTP POST a un destino y puerto arbitrarios en respuesta a un \u00fanico paquete IPP UDP que solicita que se agregue una impresora, una vulnerabilidad diferente a la de CVE-2024-47176. (La solicitud tiene como objetivo sondear la nueva impresora, pero se puede utilizar para crear ataques de amplificaci\u00f3n DDoS)." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47854.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47854.json index 9c082d3b8fe..46ec9963fa7 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47854.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47854.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47854", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-04T06:15:03.027", - "lastModified": "2024-10-04T06:15:03.027", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad en Veritas Data Insight anterior a la versi\u00f3n 7.1. Permite a un atacante remoto inyectar un script web arbitrario en una solicitud HTTP que podr\u00eda reflejarse en un usuario autenticado sin desinfecci\u00f3n si lo ejecuta ese usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47855.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47855.json index e037e20bb8a..d60fefd99a6 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47855.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47855.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47855", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-04T06:15:04.093", - "lastModified": "2024-10-04T06:15:04.093", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string." + }, + { + "lang": "es", + "value": "util/JSONTokener.java en JSON-lib anterior a 3.1.0 maneja incorrectamente una cadena de comentarios desequilibrada." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5803.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5803.json index a3519dd2ed5..b29d96d15fc 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5803.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5803.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5803", "sourceIdentifier": "security@nortonlifelock.com", "published": "2024-10-03T15:15:15.310", - "lastModified": "2024-10-03T15:15:15.310", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled." + }, + { + "lang": "es", + "value": "El AVGUI.exe de AVG/Avast Antivirus anteriores a la versi\u00f3n 24.1 puede permitir que un atacante local escale privilegios a trav\u00e9s de un secuestro de COM en un tiempo de verificaci\u00f3n a tiempo de uso (TOCTOU) cuando la autoprotecci\u00f3n est\u00e1 deshabilitada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json index 081a19d39da..0af8f6737b4 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5857", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:27.780", - "lastModified": "2024-08-29T13:25:27.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T12:59:27.290", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:funnelforms:funnelforms_free:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.7.4.1", + "matchCriteriaId": "D7727C2E-AE45-473E-81F9-21E77E3BD8BE" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3141470/funnelforms-free/trunk/frontend/frontend.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5cd0e015-abf2-4905-8b42-46b685be2c74?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5891.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5891.json index 35b6f6f87c2..c1f13526302 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5891.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5891.json @@ -2,7 +2,7 @@ "id": "CVE-2024-5891", "sourceIdentifier": "secalert@redhat.com", "published": "2024-06-12T14:15:12.460", - "lastModified": "2024-09-26T14:45:01.307", + "lastModified": "2024-10-04T12:32:13.813", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -22,20 +22,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.6, - "impactScore": 5.9 + "impactScore": 2.5 }, { "source": "secalert@redhat.com", diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json index 87e2c421f92..9bef7988f2e 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5987", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:27.977", - "lastModified": "2024-08-29T13:25:27.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T12:56:47.997", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:volkov:wp_accessibility_helper:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "0.6.2.9", + "matchCriteriaId": "2A1AEB2E-403A-4F42-B753-A406C0530E3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3117664%40wp-accessibility-helper&new=3117664%40wp-accessibility-helper&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3beee75-0480-4504-a177-45f8cd32cf36?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6051.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6051.json index b39d4f22bf8..691c56426c6 100644 --- a/CVE-2024/CVE-2024-60xx/CVE-2024-6051.json +++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6051.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6051", "sourceIdentifier": "cvd@cert.pl", "published": "2024-09-30T13:15:02.800", - "lastModified": "2024-09-30T13:15:02.800", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK\u00a0in specific situations allows local code injection and to manipulate the view of a vulnerable application.This issue affects Redlink SDK versions through 1.13." + }, + { + "lang": "es", + "value": "La vulnerabilidad de secuencias de comandos entre aplicaciones en el SDK de Vercom SA Redlink en situaciones espec\u00edficas permite la inyecci\u00f3n de c\u00f3digo local y la manipulaci\u00f3n de la vista de una aplicaci\u00f3n vulnerable. Este problema afecta a las versiones del SDK de Redlink hasta la 1.13." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6360.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6360.json index e7df6dc1c1b..e10c59408bb 100644 --- a/CVE-2024/CVE-2024-63xx/CVE-2024-6360.json +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6360.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6360", "sourceIdentifier": "security@opentext.com", "published": "2024-10-02T16:15:11.103", - "lastModified": "2024-10-02T16:15:11.103", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in OpenText\u2122 Vertica could allow Privilege Abuse and result in\u00a0unauthorized access or privileges to Vertica agent apikey.\nThis issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X." + }, + { + "lang": "es", + "value": "La vulnerabilidad de asignaci\u00f3n incorrecta de permisos para recursos cr\u00edticos en OpenText\u2122 Vertica podr\u00eda permitir el abuso de privilegios y dar como resultado el acceso no autorizado o los privilegios a la clave API del agente de Vertica. Este problema afecta a Vertica: de la versi\u00f3n 10.0 a la 10.X, de la versi\u00f3n 11.0 a la 11.X, de la versi\u00f3n 12.0 a la 12.X, de la versi\u00f3n 23.0 a la 23.X, de la versi\u00f3n 24.0 a la 24.X." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6400.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6400.json new file mode 100644 index 00000000000..9b05d86ed15 --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6400.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-6400", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2024-10-04T12:15:12.930", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data.This issue solved in versions 1.21.10,\u00a01.23.01,\u00a01.23.08, 1.23.11 and 1.24.03." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.2, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-202" + }, + { + "lang": "en", + "value": "CWE-311" + }, + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1611", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6442.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6442.json index f2b76fcfe63..0a6c06db4aa 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6442.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6442.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6442", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2024-10-04T06:15:04.370", - "lastModified": "2024-10-04T06:15:04.370", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow." + }, + { + "lang": "es", + "value": "En ascs_cp_rsp_add en /subsys/bluetooth/audio/ascs.c, un tailroom no controlado podr\u00eda provocar un desbordamiento de b\u00fafer global." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6443.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6443.json index ad0f4d0c622..f853ee8a9fe 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6443.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6443.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6443", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2024-10-04T06:15:05.160", - "lastModified": "2024-10-04T06:15:05.160", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty." + }, + { + "lang": "es", + "value": "En utf8_trunc en zephyr/lib/utils/utf8.c, last_byte_p puede apuntar a un byte antes del puntero de cadena si la cadena est\u00e1 vac\u00eda." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6444.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6444.json index 5e44c634b83..43b014a72a2 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6444.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6444.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6444", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2024-10-04T07:15:02.877", - "lastModified": "2024-10-04T07:15:02.877", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c." + }, + { + "lang": "es", + "value": "No hay una validaci\u00f3n adecuada de la longitud de la entrada del usuario en olcp_ind_handler en zephyr/subsys/bluetooth/services/ots/ots_client.c." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7315.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7315.json index a7aa8921de8..14c5f9dda2d 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7315.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7315.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7315", "sourceIdentifier": "contact@wpscan.com", "published": "2024-10-02T06:15:09.963", - "lastModified": "2024-10-02T17:35:18.430", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7341.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7341.json index 145cfe8cfa9..19862901991 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7341.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7341.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7341", "sourceIdentifier": "secalert@redhat.com", "published": "2024-09-09T19:15:14.450", - "lastModified": "2024-09-20T15:53:28.537", + "lastModified": "2024-10-04T12:48:43.523", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 8.1, + "baseScore": 7.1, "baseSeverity": "HIGH" }, - "exploitabilityScore": 2.2, + "exploitabilityScore": 1.2, "impactScore": 5.9 }, { diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7432.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7432.json index 5d962c910d9..7d3dd2b20bb 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7432.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7432.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7432", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:02.453", - "lastModified": "2024-10-01T08:15:02.453", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + }, + { + "lang": "es", + "value": "El tema Unseen Blog para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 1.0.0 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas no confiables. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, inyecten un objeto PHP. No hay ninguna cadena POP presente en el software vulnerable. Si hay una cadena POP presente a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7433.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7433.json index e8f7fb428c2..10f9668ad12 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7433.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7433.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7433", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:02.727", - "lastModified": "2024-10-01T08:15:02.727", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + }, + { + "lang": "es", + "value": "El tema Empowerment para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 1.0.2 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas no confiables. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, inyecten un objeto PHP. No existe ninguna cadena POP conocida en el software vulnerable. Si existe una cadena POP a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7434.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7434.json index c4f79a86e97..ffd752c7cd1 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7434.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7434.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7434", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:02.943", - "lastModified": "2024-10-01T08:15:02.943", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.1 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + }, + { + "lang": "es", + "value": "El tema UltraPress para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 1.2.1 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas no confiables. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, inyecten un objeto PHP. No existe ninguna cadena POP conocida en el software vulnerable. Si existe una cadena POP a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7558.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7558.json index 1b85610d7b6..419da40e94b 100644 --- a/CVE-2024/CVE-2024-75xx/CVE-2024-7558.json +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7558.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7558", "sourceIdentifier": "security@ubuntu.com", "published": "2024-10-02T11:15:11.460", - "lastModified": "2024-10-02T11:15:11.460", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm." + }, + { + "lang": "es", + "value": "JUJU_CONTEXT_ID es un secreto de autenticaci\u00f3n predecible. En una m\u00e1quina Juju (que no sea de Kubernetes) o un contenedor de Juju Charm (en Kubernetes), un usuario sin privilegios en el mismo espacio de nombres de red puede conectarse a un socket de dominio abstracto y adivinar el valor de JUJU_CONTEXT_ID. Esto le otorga al usuario sin privilegios acceso a la misma informaci\u00f3n y herramientas que el contenedor de Juju Charm." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7670.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7670.json index 228432b05d8..ff96da993ec 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7670.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7670.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7670", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:03.680", - "lastModified": "2024-09-30T21:15:03.680", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWFX manipulado con fines malintencionados, cuando se analiza en w3dtk.dll a trav\u00e9s de Autodesk Navisworks, puede forzar una lectura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7671.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7671.json index f813de45d7f..b24cfb7960e 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7671.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7671.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7671", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:03.890", - "lastModified": "2024-09-30T21:15:03.890", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWFX manipulado con fines malintencionados, cuando se analiza en dwfcore.dll a trav\u00e9s de Autodesk Navisworks, puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7672.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7672.json index 9765a36952d..e45ea06142f 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7672.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7672.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7672", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:04.070", - "lastModified": "2024-09-30T21:15:04.070", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWF manipulado con fines malintencionados, cuando se analiza en dwfcore.dll a trav\u00e9s de Autodesk Navisworks, puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7673.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7673.json index d7fc9d1a9ba..68c0468527c 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7673.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7673.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7673", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:04.250", - "lastModified": "2024-09-30T21:15:04.250", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWFX manipulado con fines malintencionados, cuando se analiza en w3dtk.dll a trav\u00e9s de Autodesk Navisworks, puede provocar un desbordamiento de b\u00fafer basado en el mont\u00f3n. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7674.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7674.json index 74c61cad44a..1a5da13b0f2 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7674.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7674.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7674", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:04.430", - "lastModified": "2024-09-30T21:15:04.430", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWF manipulado con fines malintencionados, cuando se analiza en dwfcore.dll a trav\u00e9s de Autodesk Navisworks, puede provocar un desbordamiento de b\u00fafer basado en el mont\u00f3n. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7675.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7675.json index fd513d3bd52..e790e77bbcf 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7675.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7675.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7675", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-09-30T21:15:04.613", - "lastModified": "2024-09-30T21:15:04.613", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process." + }, + { + "lang": "es", + "value": "Un archivo DWF manipulado con fines malintencionados, cuando se analiza en w3dtk.dll a trav\u00e9s de Autodesk Navisworks, puede forzar un Use-After-Free. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7824.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7824.json index 1cdc0d292f6..3d7ac1fb047 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7824.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7824.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7824", "sourceIdentifier": "security@opentext.com", "published": "2024-10-03T17:15:14.913", - "lastModified": "2024-10-03T17:15:14.913", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de acceso a recursos mediante un tipo incompatible ('Confusi\u00f3n de tipos') en Webroot SecureAnywhere - Web Shield en Windows, ARM, 64 bits, 32 bits (m\u00f3dulos wrUrl.Dll) permite el uso indebido de la funcionalidad. Este problema afecta a SecureAnywhere - Web Shield: anteriores a 2.1.2.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7825.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7825.json index 00ff34a8820..8f7e6b7d60b 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7825.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7825.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7825", "sourceIdentifier": "security@opentext.com", "published": "2024-10-03T17:15:15.060", - "lastModified": "2024-10-03T17:15:15.060", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de acceso a recursos mediante un tipo incompatible ('Confusi\u00f3n de tipos') en Webroot SecureAnywhere - Web Shield en Windows, ARM, 64 bits, 32 bits (m\u00f3dulos wrUrl.Dll) permite el uso indebido de la funcionalidad. Este problema afecta a SecureAnywhere - Web Shield: anteriores a 2.1.2.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7826.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7826.json index 970473c9233..80441d98119 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7826.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7826.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7826", "sourceIdentifier": "security@opentext.com", "published": "2024-10-03T17:15:15.180", - "lastModified": "2024-10-03T17:15:15.180", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrURL.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en Webroot SecureAnywhere - Web Shield en Windows, ARM, 64 bit, 32 bit (m\u00f3dulos wrURL.Dll) permite el uso indebido de la funcionalidad. Este problema afecta a SecureAnywhere - Web Shield: anterior a 2.1.2.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7855.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7855.json index 132df342196..7b7f06f07d7 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7855.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7855.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7855", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T05:15:11.843", - "lastModified": "2024-10-02T05:15:11.843", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento WP Hotel Booking para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n update_review() en todas las versiones hasta la 2.1.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7869.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7869.json index 64f0e7b9ac7..07cfce1acb8 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7869.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7869.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7869", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:03.167", - "lastModified": "2024-10-01T08:15:03.167", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento 123.chat - Video Chat para WordPress es vulnerable a Cross-Site Scripting Almacenado en todas las versiones hasta la 1.3.1 incluida debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8037.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8037.json index 1bd12843c76..f37d381da4e 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8037.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8037.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8037", "sourceIdentifier": "security@ubuntu.com", "published": "2024-10-02T11:15:11.690", - "lastModified": "2024-10-02T11:15:11.690", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm." + }, + { + "lang": "es", + "value": "Herramienta de gancho Juju vulnerable que abstrae el socket de dominio UNIX. Cuando se combina con un ataque de JUJU_CONTEXT_ID, cualquier usuario del sistema local con acceso al espacio de nombres de red predeterminado puede conectarse al @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket y realizar acciones que normalmente est\u00e1n reservadas a un encanto Juju." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8038.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8038.json index 0b2002b6929..04b9c214acd 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8038.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8038.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8038", "sourceIdentifier": "security@ubuntu.com", "published": "2024-10-02T11:15:11.853", - "lastModified": "2024-10-02T11:15:11.853", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks." + }, + { + "lang": "es", + "value": "Socket de dominio UNIX abstracto de introspecci\u00f3n de juju vulnerable. Un socket de dominio UNIX abstracto responsable de la introspecci\u00f3n est\u00e1 disponible sin autenticaci\u00f3n localmente para los usuarios del espacio de nombres de la red. Esto permite ataques de denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8107.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8107.json index a6d9515bf88..1756e1c3bb3 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8107.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8107.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8107", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T07:15:06.263", - "lastModified": "2024-10-01T07:15:06.263", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. By default, this can only be exploited by administrators, but the ability to use and configure Slider Revolution can be extended to authors." + }, + { + "lang": "es", + "value": "El complemento Slider Revolution para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la carga de archivos SVG en todas las versiones hasta la 6.7.18 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG. De forma predeterminada, esto solo puede ser explotado por administradores, pero la capacidad de usar y configurar Slider Revolution se puede extender a los autores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8159.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8159.json index 57137e7adbc..20c842bf3db 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8159.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8159.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8159", "sourceIdentifier": "help@fluidattacks.com", "published": "2024-10-03T06:15:10.297", - "lastModified": "2024-10-03T06:15:10.297", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver." + }, + { + "lang": "es", + "value": "Deep Freeze 9.00.020.5760 es vulnerable a una vulnerabilidad de lectura fuera de los l\u00edmites al activar el c\u00f3digo IOCTL 0x70014 del controlador FarDisk.sys." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8254.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8254.json index 04e21556694..5f664aca4cf 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8254.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8254.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8254", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T07:15:03.033", - "lastModified": "2024-10-02T07:15:03.033", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8282.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8282.json index 42fff8af4c8..62617ff9352 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8282.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8282.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8282", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T10:15:04.537", - "lastModified": "2024-10-02T10:15:04.537", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018align\u2019 attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Ibtana \u2013 WordPress Website Builder para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del atributo 'align' dentro del bloque de Gutenberg 'wp:ive/ive-productscarousel' en todas las versiones hasta la 1.2.4.4 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8288.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8288.json index 71f16476c74..4117fde9813 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8288.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8288.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8288", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:02.850", - "lastModified": "2024-10-01T09:15:02.850", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Guten Post Layout \u2013 An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018align\u2019 attribute within the 'wp:guten-post-layout/post-grid' Gutenberg block in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Guten Post Layout \u2013 An Advanced Post Grid Collection para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del atributo 'align' dentro del bloque Gutenberg 'wp:guten-post-layout/post-grid' en todas las versiones hasta la 1.2.4 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8324.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8324.json index 949a70600e1..6615383b43f 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8324.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8324.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8324", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:03.293", - "lastModified": "2024-10-01T09:15:03.293", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018get_slider\u2019 function in all versions up to, and including, 3.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento XO Slider para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la funci\u00f3n 'get_slider' en todas las versiones hasta la 3.8.6 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8352.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8352.json index 00415196ade..94410d8c270 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8352.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8352.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8352", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-03T04:15:04.613", - "lastModified": "2024-10-03T04:15:04.613", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Social Web Suite \u2013 Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information." + }, + { + "lang": "es", + "value": "El complemento Social Web Suite \u2013 Social Media Auto Post, Social Media Auto Publish para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 4.1.11 incluida a trav\u00e9s de la funci\u00f3n download_log. Esto permite que atacantes no autenticados lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8421.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8421.json index 726ddec28c5..502ec559e59 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8421.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8421.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8421", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-01T06:15:02.357", - "lastModified": "2024-10-01T06:15:02.357", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This CVE has been rejected." + }, + { + "lang": "es", + "value": "Esta CVE ha sido rechazado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8430.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8430.json index 108b11ca851..895f002b6b1 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8430.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8430.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8430", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:03.790", - "lastModified": "2024-10-01T09:15:03.790", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Spice Starter Sites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the spice_starter_sites_importer_creater function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to import demo content." + }, + { + "lang": "es", + "value": "El complemento Spice Starter Sites para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n spice_starter_sites_importer_creater en todas las versiones hasta la 1.2.5 incluida. Esto permite que atacantes no autenticados importen contenido de demostraci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8499.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8499.json new file mode 100644 index 00000000000..9d8f62f46db --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8499.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8499", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-04T13:15:12.380", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018render_review_request_notice\u2019 function in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woo-checkout-field-editor-pro/trunk/admin/class-thwcfd-admin.php#L426", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3160299/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81eb8963-548f-4e94-83bd-266a19c09aab?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8505.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8505.json index b1da33257ea..e499e04971a 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8505.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8505.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8505", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T10:15:04.743", - "lastModified": "2024-10-02T10:15:04.743", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018button_label\u2019 parameter in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WordPress Infinite Scroll \u2013 Ajax Load More para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro 'button_label' en todas las versiones hasta la 7.1.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8508.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8508.json index 23b5cbee060..79f0b0540bc 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8508.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8508.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8508", "sourceIdentifier": "sep@nlnetlabs.nl", "published": "2024-10-03T17:15:15.323", - "lastModified": "2024-10-03T17:15:15.323", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query it will try to apply name compression which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic." + }, + { + "lang": "es", + "value": "NLnet Labs Unbound hasta la versi\u00f3n 1.21.0 incluida contiene una vulnerabilidad al manejar respuestas con conjuntos de RR muy grandes para las que necesita realizar una compresi\u00f3n de nombres. Las respuestas maliciosas ascendentes con conjuntos de RR muy grandes pueden hacer que Unbound dedique un tiempo considerable a aplicar la compresi\u00f3n de nombres a las respuestas descendentes. Esto puede provocar un rendimiento degradado y, finalmente, la denegaci\u00f3n del servicio en ataques bien orquestados. La vulnerabilidad puede ser explotada por un actor malicioso que consulte a Unbound sobre el contenido especialmente manipulado de una zona maliciosa con conjuntos de RR muy grandes. Antes de que Unbound responda a la consulta, intentar\u00e1 aplicar la compresi\u00f3n de nombres, que era una operaci\u00f3n sin l\u00edmites que pod\u00eda bloquear la CPU hasta que se completara todo el paquete. La versi\u00f3n 1.21.1 de Unbound introduce un l\u00edmite estricto en la cantidad de c\u00e1lculos de compresi\u00f3n de nombres que est\u00e1 dispuesto a realizar por paquete. Los paquetes que necesitan m\u00e1s compresi\u00f3n dar\u00e1n como resultado paquetes semicomprimidos o paquetes truncados, incluso en TCP para mensajes grandes, para evitar bloquear la CPU durante mucho tiempo. Este cambio no deber\u00eda afectar el tr\u00e1fico DNS normal." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8519.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8519.json index 7ea24857ff4..ee340bb3893 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8519.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8519.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8519", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:11.433", - "lastModified": "2024-10-04T05:15:11.433", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'um_loggedin' shortcode in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado 'um_loggedin' del complemento en todas las versiones hasta la 2.8.6 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8520.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8520.json index 04bd9918efe..527d4f1a275 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8520.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8520.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8520", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:11.727", - "lastModified": "2024-10-04T05:15:11.727", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a users membership status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.8.6 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce en la funci\u00f3n admin_init o user_action_hook. Esto hace posible que atacantes no autenticados modifiquen el estado de membres\u00eda de un usuario a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8548.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8548.json index 6609582c113..139bd5ff264 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8548.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8548.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8548", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:03.400", - "lastModified": "2024-10-01T08:15:03.400", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on several functions in all versions up to, and including, 1.6.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform multiple administrative actions, such as replying to arbitrary tickets, updating the status of any post, deleting any post, adding notes to tickets, flagging or unflagging tickets, and adding or removing ticket participants." + }, + { + "lang": "es", + "value": "El complemento KB Support \u2013 WordPress Help Desk and Knowledge Base para WordPress es vulnerable a modificaciones no autorizadas y p\u00e9rdida de datos debido a la falta de comprobaci\u00f3n de capacidad en varias funciones en todas las versiones hasta la 1.6.6 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, realicen m\u00faltiples acciones administrativas, como responder a tickets arbitrarios, actualizar el estado de cualquier publicaci\u00f3n, eliminar cualquier publicaci\u00f3n, agregar notas a tickets, marcar o desmarcar tickets y agregar o eliminar participantes de tickets." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8632.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8632.json index 39b9b076e4d..f63f41d4fdf 100644 --- a/CVE-2024/CVE-2024-86xx/CVE-2024-8632.json +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8632.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8632", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:03.610", - "lastModified": "2024-10-01T08:15:03.610", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbs_ajax_load_front_end_replies' and 'kbs_ajax_mark_reply_as_read' functions in all versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to read replies of any ticket, and mark any reply as read." + }, + { + "lang": "es", + "value": "El complemento KB Support \u2013 WordPress Help Desk and Knowledge Base para WordPress es vulnerable al acceso no autorizado y a la modificaci\u00f3n de datos debido a una falta de comprobaci\u00f3n de capacidad en las funciones 'kbs_ajax_load_front_end_replies' y 'kbs_ajax_mark_reply_as_read' en todas las versiones hasta la 1.6.6 incluida. Esto permite que atacantes no autenticados lean las respuestas de cualquier ticket y marquen cualquier respuesta como le\u00edda." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8675.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8675.json index 178f7562240..e7431d8f534 100644 --- a/CVE-2024/CVE-2024-86xx/CVE-2024-8675.json +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8675.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8675", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:03.820", - "lastModified": "2024-10-01T08:15:03.820", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettre_disconnect_gateway function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the gateway and delete the API key." + }, + { + "lang": "es", + "value": "El complemento Soumettre.fr para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de comprobaci\u00f3n de capacidad en la funci\u00f3n soumettre_disconnect_gateway en todas las versiones hasta la 2.1.2 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, desconecten la puerta de enlace y eliminen la clave API." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8718.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8718.json index 7aefd94f60d..1657c25654a 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8718.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8718.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8718", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:04.030", - "lastModified": "2024-10-01T08:15:04.030", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Gravity Forms Toolbar para WordPress es vulnerable a ataques de cross-site scripting reflejado a trav\u00e9s del par\u00e1metro 'tab' en todas las versiones hasta la 1.7.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8720.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8720.json index 729eb070f7e..de859bcfcdd 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8720.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8720.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8720", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:04.237", - "lastModified": "2024-10-01T08:15:04.237", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The RumbleTalk Live Group Chat \u2013 HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento RumbleTalk Live Group Chat \u2013 HTML5 para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del c\u00f3digo abreviado 'rumbletalk-admin-button' del complemento en todas las versiones hasta la 6.3.0 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8727.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8727.json index 74fb1dd7060..3dc945d1dc6 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8727.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8727.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8727", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:04.433", - "lastModified": "2024-10-01T08:15:04.433", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento DK PDF para WordPress es vulnerable a ataques de cross-site scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.9.6 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8728.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8728.json index 813d48b4d20..e09b7a2408d 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8728.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8728.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8728", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:04.637", - "lastModified": "2024-10-01T08:15:04.637", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Easy Load More para WordPress es vulnerable a ataques de cross-site scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.0.3 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8733.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8733.json index f04945ef70e..b249a3f5e57 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8733.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8733.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8733", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2024-10-02T20:15:11.867", - "lastModified": "2024-10-02T20:15:11.867", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential security vulnerability\nhas been identified in the HP One Agent for certain HP PC products, which might\nallow for escalation of privilege. HP is releasing software updates to mitigate\nthis potential vulnerability." + }, + { + "lang": "es", + "value": "Se ha identificado una posible vulnerabilidad de seguridad en HP One Agent para determinados productos de PC de HP, que podr\u00eda permitir la escalada de privilegios. HP est\u00e1 lanzando actualizaciones de software para mitigar esta posible vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8786.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8786.json index 03a7d06b323..2353c915eeb 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8786.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8786.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8786", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:04.300", - "lastModified": "2024-10-01T09:15:04.300", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Auto Featured Image from Title para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.3 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8793.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8793.json index 303c655c7f8..952a2311f17 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8793.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8793.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8793", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:04.770", - "lastModified": "2024-10-01T09:15:04.770", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Store Exporter for WooCommerce \u2013 Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.2.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Store Exporter for WooCommerce \u2013 Export Products, Export Orders, Export Subscriptions, and More para WordPress es vulnerable a ataques de cross-site scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.7.2.1 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8799.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8799.json index ffd13278a4f..3f88207e323 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8799.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8799.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8799", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:05.220", - "lastModified": "2024-10-01T09:15:05.220", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Custom Banners para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.3 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8800.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8800.json index 6bc7b3d0e13..dbc488d5757 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8800.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8800.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8800", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:02.510", - "lastModified": "2024-10-02T08:15:02.510", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8802.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8802.json index 07767e15508..2c8946d3041 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8802.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8802.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8802", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:11.930", - "lastModified": "2024-10-04T05:15:11.930", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Clio Grow para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.0.2 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8804.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8804.json index f0903160d57..1083c403fe4 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8804.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8804.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8804", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T06:15:05.353", - "lastModified": "2024-10-04T06:15:05.353", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions on who can utilize the functionality. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Code Embed para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la funci\u00f3n de inserci\u00f3n de secuencias de comandos del complemento en todas las versiones hasta la 2.4 incluida, debido a restricciones insuficientes sobre qui\u00e9n puede utilizar la funci\u00f3n. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8885.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8885.json index e9430aa5422..fbd5a1c71de 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8885.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8885.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8885", "sourceIdentifier": "security-alert@sophos.com", "published": "2024-10-02T13:15:12.410", - "lastModified": "2024-10-02T14:15:05.927", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de escalada de privilegios locales en Sophos Intercept X para Windows con Central Device Encryption 2024.2.0 y versiones anteriores permite la escritura de archivos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8967.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8967.json index 408b059f2b5..9ab9c9c06b8 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8967.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8967.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8967", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:02.740", - "lastModified": "2024-10-02T08:15:02.740", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8981.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8981.json index 1cb58a7fdee..9a65eb679f0 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8981.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8981.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8981", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T03:15:02.470", - "lastModified": "2024-10-01T03:15:02.470", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg in /app/admin-notices/features/class-view.php without appropriate escaping on the URL in all versions up to, and including, 2.4.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Broken Link Checker para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg en /app/admin-notices/features/class-view.php sin el escape adecuado en la URL en todas las versiones hasta la 2.4.0 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8989.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8989.json index 75d4e1decc1..7d2375b80fb 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8989.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8989.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8989", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:04.840", - "lastModified": "2024-10-01T08:15:04.840", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews \u2013 Stars Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stars_testimonials shortcode in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews \u2013 Stars Testimonials de WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado stars_testimonials del complemento en todas las versiones hasta la 3.3.1 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8990.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8990.json index ac83a353049..33966d380af 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8990.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8990.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8990", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:05.060", - "lastModified": "2024-10-01T08:15:05.060", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's geo_mashup_visible_posts_list shortcode in all versions up to, and including, 1.13.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Geo Mashup para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado geo_mashup_visible_posts_list del complemento en todas las versiones hasta la 1.13.13 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9018.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9018.json index 7cf7c8f0354..fb0c8b52a3e 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9018.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9018.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9018", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:05.610", - "lastModified": "2024-10-01T09:15:05.610", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Easy Gallery \u2013 WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018key\u2019 parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento WP Easy Gallery \u2013 WordPress Gallery Plugin para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo a trav\u00e9s del par\u00e1metro 'key' en todas las versiones hasta la 4.8.5 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso de nivel de colaborador y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9060.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9060.json index 106125111d0..766f40d7c0d 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9060.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9060.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9060", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T10:15:03.983", - "lastModified": "2024-10-01T10:15:03.983", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9071.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9071.json index fffb7c58cda..c66e609644f 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9071.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9071.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9071", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T10:15:12.903", - "lastModified": "2024-10-04T10:15:12.903", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9100.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9100.json index 8bd579ce840..01183a3c8c5 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9100.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9100.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9100", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2024-10-03T15:15:15.553", - "lastModified": "2024-10-03T15:15:15.553", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zohocorp ManageEngine Analytics Plus versions before 5410 and\u00a0Zoho Analytics On-Premise\u00a0versions before 5410 are vulnerable to Path traversal." + }, + { + "lang": "es", + "value": "Las versiones de Zohocorp ManageEngine Analytics Plus anteriores a 5410 y las versiones de Zoho Analytics On-Premise anteriores a 5410 son vulnerables a Path Traversal." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9106.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9106.json index 45cdf2be190..77f081bb870 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9106.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9106.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9106", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:05.267", - "lastModified": "2024-10-01T08:15:05.267", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value." + }, + { + "lang": "es", + "value": "El complemento Wechat Social login para WordPress es vulnerable a la omisi\u00f3n de autenticaci\u00f3n en versiones hasta la 1.3.0 incluida. Esto se debe a que no se proporciona suficiente verificaci\u00f3n del usuario durante el inicio de sesi\u00f3n social. Esto hace posible que atacantes no autenticados inicien sesi\u00f3n como cualquier usuario existente en el sitio, como un administrador, si tienen acceso al ID de usuario. Esto solo se puede explotar si no se configura el secreto de la aplicaci\u00f3n, por lo que tiene un valor vac\u00edo predeterminado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9108.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9108.json index 423a8137404..4272a7a1854 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9108.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9108.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9108", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:05.480", - "lastModified": "2024-10-01T08:15:05.480", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convert_remoteimage_to_local' function in versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento Wechat Social login para WordPress es vulnerable a la carga de archivos arbitrarios debido a una validaci\u00f3n insuficiente del tipo de archivo en la funci\u00f3n 'convert_remoteimage_to_local' en versiones hasta la 1.3.0 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9118.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9118.json index 9839822213b..482dac86f00 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9118.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9118.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9118", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T10:15:04.230", - "lastModified": "2024-10-01T10:15:04.230", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9119.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9119.json index 9fe78f9c008..0742e98542b 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9119.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9119.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9119", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:05.690", - "lastModified": "2024-10-01T08:15:05.690", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SVG Complete plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento SVG Complete para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la carga de archivos SVG en todas las versiones hasta la 1.0.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9145.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9145.json index 7f42d83441e..5739fd1631d 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9145.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9145.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9145", "sourceIdentifier": "9947ef80-c5d5-474a-bbab-97341a59000e", "published": "2024-10-01T08:15:05.913", - "lastModified": "2024-10-01T14:35:05.940", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9158.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9158.json index 88c8c94ff3d..325f0d5d0e8 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9158.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9158.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9158", "sourceIdentifier": "vulnreport@tenable.com", "published": "2024-09-30T17:15:05.407", - "lastModified": "2024-09-30T17:15:05.407", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de Cross-Site Scripting Almacenado en Nessus Network Monitor donde un atacante local autenticado y privilegiado podr\u00eda inyectar c\u00f3digo arbitrario en la interfaz de usuario de NNM a trav\u00e9s de la CLI local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9172.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9172.json index e8a483f23c4..f75df066b70 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9172.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9172.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9172", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:02.960", - "lastModified": "2024-10-02T08:15:02.960", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9174.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9174.json index f277bff5055..7c6fb68e568 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9174.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9174.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9174", "sourceIdentifier": "security@m-files.com", "published": "2024-10-02T06:15:10.387", - "lastModified": "2024-10-02T06:15:10.387", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI" + }, + { + "lang": "es", + "value": "La inyecci\u00f3n de HTML almacenado en Social Module in M-Files Hubshare anterior a la versi\u00f3n 5.0.8.6 permite que el usuario autenticado falsifique la interfaz de usuario" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9194.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9194.json index 7c2dc727f5a..e214cdaf6d5 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9194.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9194.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9194", "sourceIdentifier": "security@octopus.com", "published": "2024-09-30T23:15:02.527", - "lastModified": "2024-10-01T15:35:17.550", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9204.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9204.json index a2c9df916ae..7a1ecf30f64 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9204.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9204.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9204", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:12.180", - "lastModified": "2024-10-04T05:15:12.180", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Smart Custom 404 Error Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER['REQUEST_URI'] in all versions up to, and including, 11.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Smart Custom 404 Error Page para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s de $_SERVER['REQUEST_URI'] en todas las versiones hasta la 11.4.7 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9209.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9209.json index 90713289daf..1de22ff7f01 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9209.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9209.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9209", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:06.110", - "lastModified": "2024-10-01T09:15:06.110", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento WP Search Analytics para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.4.10 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9210.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9210.json index 631bbef249d..42cb061157c 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9210.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9210.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9210", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:03.180", - "lastModified": "2024-10-02T08:15:03.180", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9218.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9218.json index bdf9a4d2cd4..a2baeb1cb4c 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9218.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9218.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9218", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T09:15:02.837", - "lastModified": "2024-10-02T09:15:02.837", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Magazine Blocks \u2013 Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3.14. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Magazine Blocks \u2013 Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid para WordPress es vulnerable a ataques de Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.3.14 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9220.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9220.json index e456097ecf4..7398b9e8ba8 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9220.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9220.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9220", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:06.613", - "lastModified": "2024-10-01T09:15:06.613", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.08. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento LH Copy Media File para WordPress es vulnerable a ataques de cross-site scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.08 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9222.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9222.json index 988a50979ee..2ba70a74478 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9222.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9222.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9222", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:03.380", - "lastModified": "2024-10-02T08:15:03.380", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9224.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9224.json index 05ecfe51e41..053c4629691 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9224.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9224.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9224", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:07.190", - "lastModified": "2024-10-01T09:15:07.190", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the hello_world_lyric() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information." + }, + { + "lang": "es", + "value": "El complemento Hello World para WordPress es vulnerable a la lectura arbitraria de archivos en todas las versiones hasta la 2.1.1 incluida a trav\u00e9s de la funci\u00f3n hello_world_lyric(). Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9225.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9225.json index 9d8fbbf0dc1..6f6e1794692 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9225.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9225.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9225", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T08:15:03.580", - "lastModified": "2024-10-02T08:15:03.580", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9228.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9228.json index 4edfbca15dd..2ea2498ea38 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9228.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9228.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9228", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:07.750", - "lastModified": "2024-10-01T09:15:07.750", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Loggedin \u2013 Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This is only exploitable when the leave a review notice is present." + }, + { + "lang": "es", + "value": "El complemento Loggedin \u2013 Limit Active Logins para WordPress es vulnerable a ataques de Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.3.1 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace. Esto solo se puede explotar cuando est\u00e1 presente el aviso de dejar una rese\u00f1a." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9237.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9237.json index b87284fa2ca..254dc5cf201 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9237.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9237.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9237", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:12.390", - "lastModified": "2024-10-04T05:15:12.390", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Fish and Ships \u2013 Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Fish and Ships \u2013 Most flexible shipping table rate. A WooCommerce shipping rate para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.5.9 incluida. Esto hace posible que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9241.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9241.json index a33d4ce1766..b8dac2d061f 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9241.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9241.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9241", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:08.287", - "lastModified": "2024-10-01T09:15:08.287", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento PDF Image Generator para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.5.6 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9242.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9242.json index 74afe0e7f4c..611689f3f61 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9242.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9242.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9242", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T06:15:05.647", - "lastModified": "2024-10-04T06:15:05.647", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Memberful \u2013 Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberful_buy_subscription_link' and 'memberful_podcasts_link' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Memberful \u2013 Membership Plugin para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los c\u00f3digos cortos 'memberful_buy_subscription_link' y 'memberful_podcasts_link' del complemento en todas las versiones hasta la 1.73.7 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9265.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9265.json index 5e808a09709..b3d716c155a 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9265.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9265.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9265", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:08.810", - "lastModified": "2024-10-01T09:15:08.810", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echo_check_post_header_sent() function. This makes it possible for unauthenticated attackers to register as an administrator." + }, + { + "lang": "es", + "value": "El complemento Echo RSS Feed Post Generator para WordPress es vulnerable a la escalada de privilegios en todas las versiones hasta la 5.4.6 incluida. Esto se debe a que el complemento no restringe adecuadamente los roles que se pueden establecer durante el registro a trav\u00e9s de la funci\u00f3n echo_check_post_header_sent(). Esto hace posible que atacantes no autenticados se registren como administradores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9266.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9266.json index 41c8c5e45a6..cf8aa538444 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9266.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9266.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9266", "sourceIdentifier": "36c7be3b-2937-45df-85ea-ca7133ea542c", "published": "2024-10-03T19:15:05.027", - "lastModified": "2024-10-03T19:15:05.027", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0." + }, + { + "lang": "es", + "value": "Vulnerabilidad de redirecci\u00f3n de URL a un sitio no confiable (\"Open Redirect\") en Express. Esta vulnerabilidad afecta el uso del objeto Express Response. Este problema afecta a Express: desde la versi\u00f3n 3.4.5 hasta la versi\u00f3n 4.0.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9267.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9267.json index 4874851f20d..54b6ac5e0c7 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9267.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9267.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9267", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:06.103", - "lastModified": "2024-10-01T08:15:06.103", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Easy WordPress Subscribe \u2013 Optin Hound plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Easy WordPress Subscribe \u2013 Optin Hound para WordPress es vulnerable a ataques de cross-site scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.4.3 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9269.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9269.json index 5dfa18df499..27f36382dc8 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9269.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9269.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9269", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:06.313", - "lastModified": "2024-10-01T08:15:06.313", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Relogo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Relogo para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la carga de archivos SVG en todas las versiones hasta la 0.4.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9271.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9271.json index 5f691b4676c..43f69fd7fe4 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9271.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9271.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9271", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T10:15:13.873", - "lastModified": "2024-10-04T10:15:13.873", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9272.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9272.json index f9dff730448..340386e092e 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9272.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9272.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9272", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:06.510", - "lastModified": "2024-10-01T08:15:06.510", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The R Animated Icon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento R Animated Icon Plugin para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9274.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9274.json index e8ac9251056..86f84beea1f 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9274.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9274.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9274", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:06.723", - "lastModified": "2024-10-01T08:15:06.723", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Elastik Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.27.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Elastik Page Builder para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 0.27.4 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9279.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9279.json index 7aa0902a0f3..dfb0a52c4cc 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9279.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9279.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9279", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-27T12:15:04.857", - "lastModified": "2024-09-30T12:45:57.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-04T13:31:36.000", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,57 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:funnyzpc:mee-admin:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.6", + "matchCriteriaId": "6F2732A6-0660-4F1A-8697-8E666BEE92B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Armnying/Vulnerability-recurrence-sortin/blob/main/Mee-admin-xss.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.278661", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.278661", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.411118", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9289.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9289.json index a0a9b0f0362..40523858a6c 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9289.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9289.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9289", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T09:15:09.320", - "lastModified": "2024-10-01T09:15:09.320", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9304.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9304.json index 3b128030226..d0ea19a3d9d 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9304.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9304.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9304", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-01T08:15:06.943", - "lastModified": "2024-10-01T08:15:06.943", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The LocateAndFilter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento LocateAndFilter para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la carga de archivos SVG en todas las versiones hasta la 1.6.14 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9306.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9306.json index 8a35c49264b..f1f9aaf2c75 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9306.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9306.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9306", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T07:15:03.550", - "lastModified": "2024-10-04T07:15:03.550", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 10.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. In addition, site administrators have the option to grant lower-level users with access to manage the plugin's settings which may extend this vulnerability to those users." + }, + { + "lang": "es", + "value": "El complemento WP Booking Calendar para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 10.6 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con permisos de nivel de administrador o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio e instalaciones en las que se ha deshabilitado unfiltered_html. Adem\u00e1s, los administradores del sitio tienen la opci\u00f3n de otorgar a los usuarios de nivel inferior acceso para administrar la configuraci\u00f3n del complemento, lo que puede extender esta vulnerabilidad a esos usuarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9313.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9313.json index 08b2884db0e..84d6558170c 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9313.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9313.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9313", "sourceIdentifier": "security@ubuntu.com", "published": "2024-10-03T11:15:13.940", - "lastModified": "2024-10-03T11:15:13.940", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9333.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9333.json index 64c80d4246a..3a9f371129a 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9333.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9333.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9333", "sourceIdentifier": "security@m-files.com", "published": "2024-10-02T06:15:11.113", - "lastModified": "2024-10-02T06:15:11.113", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation" + }, + { + "lang": "es", + "value": "La omisi\u00f3n de permisos en M-Files Connector para Copilot anterior a la versi\u00f3n 24.9.3 permite que un usuario autenticado acceda a una cantidad limitada de documentos mediante un c\u00e1lculo incorrecto de la lista de control de acceso" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9341.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9341.json index 80dc948e767..fdd77dd8a66 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9341.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9341.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9341", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-01T19:15:09.500", - "lastModified": "2024-10-01T19:15:09.500", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en Go. Cuando el modo FIPS est\u00e1 habilitado en un sistema, los entornos de ejecuci\u00f3n de contenedores pueden manejar incorrectamente ciertas rutas de archivos debido a una validaci\u00f3n incorrecta en los contenedores/librer\u00eda Go com\u00fan. Esta falla permite a un atacante explotar enlaces simb\u00f3licos y enga\u00f1ar al sistema para que monte directorios de host sensibles dentro de un contenedor. Este problema tambi\u00e9n permite a los atacantes acceder a archivos de host cr\u00edticos, evadiendo el aislamiento previsto entre los contenedores y el sistema host." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9344.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9344.json index 52170e4c117..d8cf1988b23 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9344.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9344.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9344", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T09:15:03.570", - "lastModified": "2024-10-02T09:15:03.570", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The BerqWP \u2013 Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento BerqWP \u2013 Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript para WordPress es vulnerable a Cross-Site Scripting reflejado a trav\u00e9s del par\u00e1metro 'url' en todas las versiones hasta la 2.1.1 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9345.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9345.json index 13dc6b094a0..0f2bd4a720d 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9345.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9345.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9345", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:12.607", - "lastModified": "2024-10-04T05:15:12.607", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Product Delivery Date for WooCommerce \u2013 Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This is only exploitable when notices are present." + }, + { + "lang": "es", + "value": "El complemento Product Delivery Date for WooCommerce \u2013 Lite para WordPress es vulnerable a ataques Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.7.3 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace. Esto solo se puede explotar cuando hay avisos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9349.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9349.json index 538878de120..91b076198a1 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9349.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9349.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9349", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:12.820", - "lastModified": "2024-10-04T05:15:12.820", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Auto Amazon Links \u2013 Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.4.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Auto Amazon Links \u2013 Amazon Associates Affiliate Plugin para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape apropiado en la URL en todas las versiones hasta la 5.4.2 incluida. Esto hace posible que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9353.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9353.json index 1c31e062680..9a66d83bc75 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9353.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9353.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9353", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:13.037", - "lastModified": "2024-10-04T05:15:13.037", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Popularis Extra para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.2.6 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9355.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9355.json index 45f7cf4c560..94b7436e8eb 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9355.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9355.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9355", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-01T19:15:09.793", - "lastModified": "2024-10-03T01:15:12.127", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9358.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9358.json index 7269f4e2853..329beb4d100 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9358.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9358.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9358", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-01T02:15:10.340", - "lastModified": "2024-10-01T02:15:10.340", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component HTTP RPC API. The manipulation leads to resource consumption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 3.7.1 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed on 2024-07-24 about this vulnerability and announced the release of 3.7.1 for the second half of September 2024." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en ThingsBoard hasta la versi\u00f3n 3.7.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del componente HTTP RPC API. La manipulaci\u00f3n provoca el consumo de recursos. El ataque se puede lanzar de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece ser dif\u00edcil. El exploit se ha hecho p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 3.7.1 puede solucionar este problema. Se recomienda actualizar el componente afectado. El proveedor fue informado el 24 de julio de 2024 sobre esta vulnerabilidad y anunci\u00f3 el lanzamiento de la versi\u00f3n 3.7.1 para la segunda mitad de septiembre de 2024." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9359.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9359.json index b5214904981..421da0e54d9 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9359.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9359.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9359", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-01T02:15:10.657", - "lastModified": "2024-10-01T02:15:10.657", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /addcompany.php. The manipulation of the argument company leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en code-projects Restaurant Reservation System 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a algunas funciones desconocidas del archivo /addcompany.php. La manipulaci\u00f3n del argumento company conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9360.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9360.json index 5c7c8bcc7fd..eb9ec52dc81 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9360.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9360.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9360", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-01T03:15:02.690", - "lastModified": "2024-10-01T03:15:02.690", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatebal.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en code-projects Restaurant Reservation System 1.0. Se ha clasificado como cr\u00edtica. Afecta a una parte desconocida del archivo /updatebal.php. La manipulaci\u00f3n del argumento company provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9368.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9368.json index 37e8f3c19cb..db8b7bba79d 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9368.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9368.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9368", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:13.240", - "lastModified": "2024-10-04T05:15:13.240", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Aggregator Advanced Settings para WordPress es vulnerable a Cross-Site Scripting Almacenado mediante cargas de archivos SVG en todas las versiones hasta la 1.2.1 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9372.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9372.json index 504f755fbbb..861c1979e0c 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9372.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9372.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9372", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:13.440", - "lastModified": "2024-10-04T05:15:13.440", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento WP Blocks Hub para WordPress es vulnerable a Cross-Site Scripting Almacenado mediante la carga de archivos SVG en todas las versiones hasta la 1.0.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9375.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9375.json index 6bdf81c4725..3f61fa8dfc5 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9375.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9375.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9375", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:13.630", - "lastModified": "2024-10-04T05:15:13.630", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.0.36. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Captcha de WordPress de Captcha Bank para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 4.0.36 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9378.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9378.json index 5a575d2ba6b..3d12946818f 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9378.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9378.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9378", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-02T09:15:04.257", - "lastModified": "2024-10-02T09:15:04.257", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento YML para Yandex Market para WordPress es vulnerable a Cross-Site Scripting reflejado a trav\u00e9s del par\u00e1metro 'page' en todas las versiones hasta la 4.7.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9384.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9384.json index 8a4b1a4dd9f..f4f6f73b4d7 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9384.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9384.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9384", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:13.837", - "lastModified": "2024-10-04T05:15:13.837", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Quantity Dynamic Pricing & Bulk Discounts for WooCommerce para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.8.0 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9391.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9391.json index f7ec2a325b0..ab9ca19e6d7 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9391.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9391.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9391", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.510", - "lastModified": "2024-10-01T16:15:10.510", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible.\n*This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131." + }, + { + "lang": "es", + "value": "A un usuario que habilite el modo de pantalla completa en una p\u00e1gina web especialmente manipulada se le podr\u00eda impedir salir del modo de pantalla completa. Esto podr\u00eda permitir la suplantaci\u00f3n de identidad de otros sitios, ya que la barra de direcciones ya no estar\u00e1 visible. *Este error solo afecta a Firefox Focus para Android. Las dem\u00e1s versiones de Firefox no se ven afectadas.* Esta vulnerabilidad afecta a Firefox < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9392.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9392.json index 64b8c39f48e..390dc936771 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9392.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9392.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9392", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.570", - "lastModified": "2024-10-01T19:35:08.990", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Un proceso de contenido comprometido podr\u00eda haber permitido la carga arbitraria de p\u00e1ginas de origen cruzado. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9393.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9393.json index af8d0406634..8e573ce71c6 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9393.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9393.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9393", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.623", - "lastModified": "2024-10-01T16:15:10.623", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Un atacante podr\u00eda, mediante una respuesta de varias partes especialmente manipulada, ejecutar c\u00f3digo JavaScript arbitrario bajo el origen `resource://pdf.js`. Esto podr\u00eda permitirle acceder a contenido PDF de origen cruzado. Este acceso est\u00e1 limitado a documentos del \"mismo sitio\" por la funci\u00f3n de aislamiento de sitios en los clientes de escritorio, pero el acceso completo de origen cruzado es posible en las versiones de Android. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9394.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9394.json index 1039ab627bb..35b6c729025 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9394.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9394.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9394", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.683", - "lastModified": "2024-10-01T16:15:10.683", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Un atacante podr\u00eda, mediante una respuesta de varias partes especialmente manipulada, ejecutar c\u00f3digo JavaScript arbitrario bajo el origen `resource://devtools`. Esto podr\u00eda permitirle acceder a contenido JSON de origen cruzado. Este acceso est\u00e1 limitado a documentos del \"mismo sitio\" por la funci\u00f3n de aislamiento de sitios en los clientes de escritorio, pero el acceso completo de origen cruzado es posible en las versiones de Android. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9395.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9395.json index ea26e3d7eb4..b418a606350 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9395.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9395.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9395", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.740", - "lastModified": "2024-10-01T16:15:10.740", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog.\n*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131." + }, + { + "lang": "es", + "value": "Un nombre de archivo especialmente manipulado que contenga una gran cantidad de espacios podr\u00eda ocultar la extensi\u00f3n del archivo cuando se muestre en el cuadro de di\u00e1logo de descarga. *Este error solo afecta a Firefox para Android. Otras versiones de Firefox no se ven afectadas.* Esta vulnerabilidad afecta a Firefox < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9396.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9396.json index 5b94dc5744f..3bb0a664f64 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9396.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9396.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9396", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.790", - "lastModified": "2024-10-01T20:35:19.027", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Actualmente se desconoce si este problema se puede explotar, pero puede darse el caso de que la clonaci\u00f3n estructurada de determinados objetos pueda provocar da\u00f1os en la memoria. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9397.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9397.json index 17f5f860c28..dfa99c7d6a0 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9397.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9397.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9397", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.847", - "lastModified": "2024-10-01T16:15:10.847", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "La falta de un retraso en la interfaz de usuario para cargar directorios podr\u00eda haber permitido que un atacante enga\u00f1ara a un usuario para que otorgara permiso mediante clickjacking. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9398.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9398.json index afcf80202ff..1e8890cc1de 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9398.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9398.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9398", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.913", - "lastModified": "2024-10-01T16:15:10.913", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Al comprobar el resultado de las llamadas a `window.open` con controladores de protocolos configurados espec\u00edficamente, un atacante podr\u00eda determinar si la aplicaci\u00f3n que implementa ese controlador de protocolo est\u00e1 instalada. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9399.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9399.json index 621276c8f4e..f1b6db5a296 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9399.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9399.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9399", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:10.980", - "lastModified": "2024-10-01T16:15:10.980", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Un sitio web configurado para iniciar una sesi\u00f3n WebTransport especialmente manipulada podr\u00eda bloquear el proceso de Firefox y provocar una condici\u00f3n de denegaci\u00f3n de servicio. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9400.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9400.json index 8e86fa8b22f..2c58d8541c2 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9400.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9400.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9400", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:11.040", - "lastModified": "2024-10-01T19:35:10.277", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Se podr\u00eda desencadenar una vulnerabilidad de corrupci\u00f3n de memoria si un atacante tuviera la capacidad de desencadenar un OOM en un momento espec\u00edfico durante la compilaci\u00f3n JIT. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9401.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9401.json index 7e55a09f1a4..cc3ef52ddd6 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9401.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9401.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9401", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:11.100", - "lastModified": "2024-10-01T18:35:10.363", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Se han detectado errores de seguridad de memoria en Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2 y Thunderbird 128.2. Algunos de estos errores mostraban evidencia de corrupci\u00f3n de memoria y suponemos que, con el suficiente esfuerzo, algunos de ellos podr\u00edan haberse aprovechado para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9402.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9402.json index 5a1c467393d..58ea5bb3b05 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9402.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9402.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9402", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:11.167", - "lastModified": "2024-10-01T19:35:11.270", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Se han detectado errores de seguridad de memoria en Firefox 130, Firefox ESR 128.2 y Thunderbird 128.2. Algunos de estos errores mostraban evidencia de corrupci\u00f3n de memoria y suponemos que, con el suficiente esfuerzo, algunos de ellos podr\u00edan haberse aprovechado para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9403.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9403.json index fccc5c7d661..dd9a0a8a89d 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9403.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9403.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9403", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-01T16:15:11.233", - "lastModified": "2024-10-01T19:35:12.057", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131." + }, + { + "lang": "es", + "value": "Errores de seguridad de memoria presentes en Firefox 130. Algunos de estos errores mostraron evidencia de corrupci\u00f3n de memoria y suponemos que con suficiente esfuerzo algunos de ellos podr\u00edan haber sido explotados para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox < 131 y Thunderbird < 131." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9405.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9405.json index f8596ec75bc..e7706310145 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9405.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9405.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9405", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-10-01T12:15:03.893", - "lastModified": "2024-10-01T12:15:03.893", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An incorrect limitation of a path to a restricted directory (path traversal) has been detected in Pluck CMS, affecting version 4.7.18. An unauthenticated attacker could extract sensitive information from the server via the absolute path of a file located in the same directory or subdirectory as the module, but not from recursive directories." + }, + { + "lang": "es", + "value": "Se ha detectado una limitaci\u00f3n incorrecta de una ruta a un directorio restringido (path traversal) en Pluck CMS, que afecta a la versi\u00f3n 4.7.18. Un atacante no autenticado podr\u00eda extraer informaci\u00f3n confidencial del servidor a trav\u00e9s de la ruta absoluta de un archivo ubicado en el mismo directorio o subdirectorio que el m\u00f3dulo, pero no de directorios recursivos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9407.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9407.json index 0a784384073..7ecc13d84b2 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9407.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9407.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9407", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-01T21:15:08.530", - "lastModified": "2024-10-01T21:15:08.530", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en la opci\u00f3n bind-propagation de la instrucci\u00f3n RUN --mount de Dockerfile. El sistema no valida correctamente la entrada que se pasa a esta opci\u00f3n, lo que permite a los usuarios pasar par\u00e1metros arbitrarios a la instrucci\u00f3n mount. Este problema se puede aprovechar para montar directorios confidenciales del host en un contenedor durante el proceso de compilaci\u00f3n y, en algunos casos, modificar el contenido de esos archivos montados. Incluso si se utiliza SELinux, esta vulnerabilidad puede eludir su protecci\u00f3n al permitir que se vuelva a etiquetar el directorio de origen para dar al contenedor acceso a los archivos del host." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9411.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9411.json index 939ebdb5849..558cc78f540 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9411.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9411.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9411", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-01T20:15:05.630", - "lastModified": "2024-10-01T21:35:07.620", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:51:25.567", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in OFCMS 1.1.2. This affects the function add of the file /admin/system/dict/add.json?sqlid=system.dict.save. The manipulation of the argument dict_value leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en OFCMS 1.1.2. Afecta a la funci\u00f3n add del archivo /admin/system/dict/add.json?sqlid=system.dict.save. La manipulaci\u00f3n del argumento dict_value provoca ataques de Cross-Site Scripting. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9421.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9421.json index d8d42f54e11..8d74f3b6e2c 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9421.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9421.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9421", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:14.030", - "lastModified": "2024-10-04T05:15:14.030", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Login Logout Shortcode para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'class' en todas las versiones hasta la 1.1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9423.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9423.json index 7acee94eeca..50e84e659b4 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9423.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9423.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9423", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2024-10-02T16:15:11.250", - "lastModified": "2024-10-02T16:15:11.250", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a \u201cJPEG Unsupported\u201d message which may not clear, potentially blocking queued print jobs." + }, + { + "lang": "es", + "value": "Algunas impresoras HP LaserJet pueden experimentar una denegaci\u00f3n de servicio cuando un usuario env\u00eda un archivo JPEG sin procesar a la impresora. La impresora muestra un mensaje de \u201cJPEG no compatible\u201d que puede no borrarse, lo que podr\u00eda bloquear los trabajos de impresi\u00f3n en cola." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9429.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9429.json index a7b8ddf54ab..610e1d4d62d 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9429.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9429.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9429", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-02T13:15:12.617", - "lastModified": "2024-10-02T13:15:12.617", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The manipulation of the argument from/to leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter \"from\" to be affected. But it must be assumed that parameter \"to\" is affected as well." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en code-projects Restaurant Reservation System 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /filter2.php. La manipulaci\u00f3n del argumento from/to conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El aviso inicial para investigadores solo menciona que el par\u00e1metro \"from\" se ver\u00e1 afectado, pero se debe asumir que el par\u00e1metro \"to\" tambi\u00e9n se ver\u00e1 afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9435.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9435.json index 41791087c94..bbc970290a1 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9435.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9435.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9435", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T07:15:03.857", - "lastModified": "2024-10-04T07:15:03.857", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento ShiftController Employee Shift Scheduling para WordPress es vulnerable a ataques de Cross-Site Scripting reflejado a trav\u00e9s de claves URL en todas las versiones hasta la 4.9.66 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9440.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9440.json index 84768d5a922..9d993e911a1 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9440.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9440.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9440", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2024-10-02T19:15:15.880", - "lastModified": "2024-10-02T19:15:15.880", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Slim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption(), the text variable from the user-provided Options object is assigned to an innerHTML without sanitation. Software that depends on this library to dynamically generate lists using unsanitized user-provided input may be vulnerable to cross-site scripting, resulting in attacker executed JavaScript. At this time, no patch is available." + }, + { + "lang": "es", + "value": "Las versiones Slim Select 2.0 a 2.9.0 se ven afectadas por una posible vulnerabilidad de Cross-Site Scripting. En select.ts:createOption(), la variable de texto del objeto Options proporcionado por el usuario se asigna a un innerHTML sin sanear. El software que depende de esta librer\u00eda para generar listas de forma din\u00e1mica utilizando entradas proporcionadas por el usuario sin desinfectar puede ser vulnerable a Cross-Site Scripting, lo que da como resultado que el atacante ejecute JavaScript. En este momento, no hay ning\u00fan parche disponible." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9441.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9441.json index 8b2971eb773..4c22ab6e16e 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9441.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9441.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9441", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2024-10-02T19:15:16.100", - "lastModified": "2024-10-02T19:15:16.100", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP." + }, + { + "lang": "es", + "value": "La serie Linear eMerge e3 hasta la versi\u00f3n 1.00-07 es vulnerable a una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo. Un atacante remoto y no autenticado puede ejecutar comandos arbitrarios del sistema operativo a trav\u00e9s del par\u00e1metro login_id al invocar la funci\u00f3n forgot_password a trav\u00e9s de HTTP." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9445.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9445.json index 118663e6172..cbdfccdfc30 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9445.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9445.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9445", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-04T05:15:14.230", - "lastModified": "2024-10-04T05:15:14.230", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_medium_posts shortcode in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Display Medium Posts para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado display_medium_posts del complemento en todas las versiones hasta la 5.0.1 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9460.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9460.json index 44f0ceec7a2..71ce5b64f73 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9460.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9460.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9460", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-03T15:15:15.750", - "lastModified": "2024-10-03T15:15:15.750", - "vulnStatus": "Received", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en Codezips Online Shopping Portal 1.0. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo index.php. La manipulaci\u00f3n del argumento username provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9481.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9481.json new file mode 100644 index 00000000000..3534b13e928 --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9481.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-9481", + "sourceIdentifier": "security@nortonlifelock.com", + "published": "2024-10-04T13:15:12.610", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", + "source": "security@nortonlifelock.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9482.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9482.json new file mode 100644 index 00000000000..560dbc7e7ef --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9482.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-9482", + "sourceIdentifier": "security@nortonlifelock.com", + "published": "2024-10-04T13:15:12.803", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", + "source": "security@nortonlifelock.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9483.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9483.json new file mode 100644 index 00000000000..2eb72c1450d --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9483.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-9483", + "sourceIdentifier": "security@nortonlifelock.com", + "published": "2024-10-04T13:15:12.980", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", + "source": "security@nortonlifelock.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9484.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9484.json new file mode 100644 index 00000000000..375140944a2 --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9484.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-9484", + "sourceIdentifier": "security@nortonlifelock.com", + "published": "2024-10-04T13:15:13.167", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@nortonlifelock.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", + "source": "security@nortonlifelock.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9513.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9513.json new file mode 100644 index 00000000000..0866ca0684c --- /dev/null +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9513.json @@ -0,0 +1,133 @@ +{ + "id": "CVE-2024-9513", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-04T13:15:13.343", + "lastModified": "2024-10-04T13:50:43.727", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument username leads to information exposure through discrepancy. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 4.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.279212", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279212", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.413498", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 12e8ff14bcd..079e514b612 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-04T12:00:18.697204+00:00 +2024-10-04T14:00:27.718839+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-04T10:15:13.873000+00:00 +2024-10-04T13:51:25.567000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,60 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -264462 +264478 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `16` -- [CVE-2024-9071](CVE-2024/CVE-2024-90xx/CVE-2024-9071.json) (`2024-10-04T10:15:12.903`) -- [CVE-2024-9271](CVE-2024/CVE-2024-92xx/CVE-2024-9271.json) (`2024-10-04T10:15:13.873`) +- [CVE-2024-47651](CVE-2024/CVE-2024-476xx/CVE-2024-47651.json) (`2024-10-04T12:15:12.710`) +- [CVE-2024-47652](CVE-2024/CVE-2024-476xx/CVE-2024-47652.json) (`2024-10-04T13:15:11.417`) +- [CVE-2024-47653](CVE-2024/CVE-2024-476xx/CVE-2024-47653.json) (`2024-10-04T13:15:11.563`) +- [CVE-2024-47654](CVE-2024/CVE-2024-476xx/CVE-2024-47654.json) (`2024-10-04T13:15:11.680`) +- [CVE-2024-47655](CVE-2024/CVE-2024-476xx/CVE-2024-47655.json) (`2024-10-04T13:15:11.797`) +- [CVE-2024-47656](CVE-2024/CVE-2024-476xx/CVE-2024-47656.json) (`2024-10-04T13:15:11.910`) +- [CVE-2024-47657](CVE-2024/CVE-2024-476xx/CVE-2024-47657.json) (`2024-10-04T13:15:12.023`) +- [CVE-2024-47789](CVE-2024/CVE-2024-477xx/CVE-2024-47789.json) (`2024-10-04T13:15:12.137`) +- [CVE-2024-47790](CVE-2024/CVE-2024-477xx/CVE-2024-47790.json) (`2024-10-04T13:15:12.260`) +- [CVE-2024-6400](CVE-2024/CVE-2024-64xx/CVE-2024-6400.json) (`2024-10-04T12:15:12.930`) +- [CVE-2024-8499](CVE-2024/CVE-2024-84xx/CVE-2024-8499.json) (`2024-10-04T13:15:12.380`) +- [CVE-2024-9481](CVE-2024/CVE-2024-94xx/CVE-2024-9481.json) (`2024-10-04T13:15:12.610`) +- [CVE-2024-9482](CVE-2024/CVE-2024-94xx/CVE-2024-9482.json) (`2024-10-04T13:15:12.803`) +- [CVE-2024-9483](CVE-2024/CVE-2024-94xx/CVE-2024-9483.json) (`2024-10-04T13:15:12.980`) +- [CVE-2024-9484](CVE-2024/CVE-2024-94xx/CVE-2024-9484.json) (`2024-10-04T13:15:13.167`) +- [CVE-2024-9513](CVE-2024/CVE-2024-95xx/CVE-2024-9513.json) (`2024-10-04T13:15:13.343`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `343` +- [CVE-2024-9384](CVE-2024/CVE-2024-93xx/CVE-2024-9384.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9391](CVE-2024/CVE-2024-93xx/CVE-2024-9391.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9392](CVE-2024/CVE-2024-93xx/CVE-2024-9392.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9393](CVE-2024/CVE-2024-93xx/CVE-2024-9393.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9394](CVE-2024/CVE-2024-93xx/CVE-2024-9394.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9395](CVE-2024/CVE-2024-93xx/CVE-2024-9395.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9396](CVE-2024/CVE-2024-93xx/CVE-2024-9396.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9397](CVE-2024/CVE-2024-93xx/CVE-2024-9397.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9398](CVE-2024/CVE-2024-93xx/CVE-2024-9398.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9399](CVE-2024/CVE-2024-93xx/CVE-2024-9399.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9400](CVE-2024/CVE-2024-94xx/CVE-2024-9400.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9401](CVE-2024/CVE-2024-94xx/CVE-2024-9401.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9402](CVE-2024/CVE-2024-94xx/CVE-2024-9402.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9403](CVE-2024/CVE-2024-94xx/CVE-2024-9403.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9405](CVE-2024/CVE-2024-94xx/CVE-2024-9405.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9407](CVE-2024/CVE-2024-94xx/CVE-2024-9407.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9411](CVE-2024/CVE-2024-94xx/CVE-2024-9411.json) (`2024-10-04T13:51:25.567`) +- [CVE-2024-9421](CVE-2024/CVE-2024-94xx/CVE-2024-9421.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9423](CVE-2024/CVE-2024-94xx/CVE-2024-9423.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9429](CVE-2024/CVE-2024-94xx/CVE-2024-9429.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9435](CVE-2024/CVE-2024-94xx/CVE-2024-9435.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9440](CVE-2024/CVE-2024-94xx/CVE-2024-9440.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9441](CVE-2024/CVE-2024-94xx/CVE-2024-9441.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9445](CVE-2024/CVE-2024-94xx/CVE-2024-9445.json) (`2024-10-04T13:50:43.727`) +- [CVE-2024-9460](CVE-2024/CVE-2024-94xx/CVE-2024-9460.json) (`2024-10-04T13:50:43.727`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 784d1b6ae69..a47fe8e8907 100644 --- a/_state.csv +++ b/_state.csv @@ -121458,7 +121458,7 @@ CVE-2018-2624,0,0,033f508c5ba4c3698be89358a54133556d7b385b4d27089a98da8c9c4ffc4d CVE-2018-2625,0,0,c50a1cadc572c06b7cc39c83786518c3de414879ebe1e1dae8606c908418d895,2020-08-24T17:37:01.140000 CVE-2018-2626,0,0,f8ff07150fd72d9fc5788531afa64dd7ce1c7099ea687ece753f6c39107dd85a,2019-10-03T00:03:26.223000 CVE-2018-2627,0,0,f22992a6ab5e1a4e817293d599267beec42d2d84c27d98a92eb02135a7c52123,2023-11-21T19:13:38.713000 -CVE-2018-2628,0,0,2e5e6fc507447bf314d8b3021ac3a20e7c9b0690a90adc5143ce7d11703f9f5d,2024-10-03T19:35:01.060000 +CVE-2018-2628,0,1,5054a1bc11f23caf3099da519fd28d232a8d9a95eec068ca9e0953c08ed19b83,2024-10-04T13:35:26.863000 CVE-2018-2629,0,0,e7eee96eefa24ad0e71dfc243040b2e0fdc9109793162267234f66b369bc3849,2023-11-21T19:10:47.953000 CVE-2018-2630,0,0,90ecafbe4d61a340f039dee907f73efa280955c16b953a357594dca6cdcc3415,2019-10-03T00:03:26.223000 CVE-2018-2631,0,0,42266c9fbef8463e4f910265ef2e1c9f5e76a9931ae3ba4f97268291b88e752f,2020-08-24T17:37:01.140000 @@ -170364,7 +170364,7 @@ CVE-2021-2452,0,0,bd43f6008417b79fdc74799daeacece8b59e1f5e071c7da9f160f2128025b9 CVE-2021-24520,0,0,ccad22cdf25a64918289b2174cb3952eb594e80aa4517a955b036ee050a762fd,2021-08-16T19:14:07.387000 CVE-2021-24521,0,0,fd6cbec3864d6efea816dc812011c58cd0b790a6d9533000d78918f4f50dbc98,2023-11-07T03:31:16.790000 CVE-2021-24522,0,0,eab1b59b3755ebf3a1d1324fe3d60fa8a4ec5cf5b2ae9aa9aa57ed6b8cdd772b,2023-05-26T19:38:26.543000 -CVE-2021-24523,0,0,f7eb4d06609e490e31f3eaa51dcba3681f83d5dc10327587f559d90cde4a4fac,2021-09-23T12:46:11.887000 +CVE-2021-24523,0,1,dd620a62e9d9ce168833d2e0cd87451255cd20e3b976ec8037176ad4f6539c07,2024-10-04T12:53:24 CVE-2021-24524,0,0,f8492807aba29219e26aaa22357e325c2a6e5ef69e655c9ca07d175bc31617d1,2023-11-07T03:31:16.883000 CVE-2021-24525,0,0,7302cd00214f117995d68f607f3d93cbce998b266a37b0a965f1b34a35edc7af,2021-09-28T02:46:24.830000 CVE-2021-24526,0,0,035ee1734128a2a8739834337fdcd2ffc34ec3492d7a30b783f42f4eea7aef82,2023-11-07T03:31:16.960000 @@ -179934,7 +179934,7 @@ CVE-2021-37571,0,0,8810bdea1e0d75d03e240d501b5268f30a1e86678a94e1f0084ada248d7d9 CVE-2021-37572,0,0,281c07dfa56f806afe8a253991bfe8f3f11a98fa249cc7aa15d0189bdbefced0,2022-01-06T17:48:54.300000 CVE-2021-37573,0,0,7a62febf8116992b0f2e78d77492937043d09c083776ae7d2f10c207efd03f0c,2021-08-17T12:51:19.657000 CVE-2021-37576,0,0,e34430bb99e453aab32f0d546a7eac30cb7e4a1ba3ddc5e07589a81e633a6e3f,2023-11-07T03:36:58.177000 -CVE-2021-37577,0,0,dcce2784ae4aaa3cb8fb9409daab13195c5e79c47fafd4224d2ee6f4b658ac43,2024-10-01T15:15:06.423000 +CVE-2021-37577,0,1,758592ffe72b54a9258c14b5d6355ad5a6e0dcbc91f9380d094322611f8e9e55,2024-10-04T13:51:25.567000 CVE-2021-37578,0,0,9c85acc83abe44ac1a15da9480215ac43f11754a5a9615af576198fc0797def1,2021-08-11T14:35:32.113000 CVE-2021-37579,0,0,9b4a5e1e4d0e07566dadc76198aebd7c7b97cb20e6feccf4056e349e554ad702,2021-09-17T15:54:55.787000 CVE-2021-3758,0,0,5a543d76efb308409cc43a5170931244d9fe9c47acf40afa5bdb66fa49ae3d1e,2021-09-10T18:05:03.760000 @@ -220742,8 +220742,8 @@ CVE-2023-27628,0,0,176c3cf57e1302bac3162dd42e3e76207da1fb023c372d2d5f044f1c866c2 CVE-2023-27629,0,0,c4d2da6334f5be3c49909e047aa89d2c4bb06200e798c088ca913fd481566a11,2023-06-28T03:28:24.817000 CVE-2023-2763,0,0,b6ea96a10e3266ffb0cd1899ac7657a3d47d6dcb9137d3656d61570245044b9a,2024-09-02T09:15:03.627000 CVE-2023-27630,0,0,176657f6d7d12e44edd847c38c689b1d20412e4e534519ebb43f06922177c6d2,2024-03-27T12:29:30.307000 -CVE-2023-27631,0,0,bf67eb6c7c125bc06bf9a8e0ecefa890e9fdff145457489ae7f0dcefc1e2b797,2023-06-28T03:27:49.077000 -CVE-2023-27632,0,0,7d63548d0abe85e0b0632ab7aaf41f7ead23df0f48603c9db3839cf29d10fa96,2023-11-17T19:29:14.953000 +CVE-2023-27631,0,1,10dc0e550e4aec03f99cfffce8136463bc901ee14f07c3edc5ebf6b72b5f6160,2024-10-04T12:53:24 +CVE-2023-27632,0,1,4d25f810ca4c0c329bbdaea569888c20444a1d0a71a22b21c6cc24fff0c9e977,2024-10-04T12:53:24 CVE-2023-27633,0,0,667915267380321c38091d3911cbba4db7ed7d4486126c4c2e607eb21aee4206,2023-11-30T19:19:27.577000 CVE-2023-27634,0,0,eaa23db8570d1347105bceb81f013c40b227ebf03b3ad9c57e98eb59567f5f06,2023-06-22T16:20:13.857000 CVE-2023-27635,0,0,a170767a3a9745c536f76deaac4974d5bd153d1fb1267ed8ca68c7bf522f58ac,2023-03-13T16:40:51.640000 @@ -226139,7 +226139,7 @@ CVE-2023-3440,0,0,1a877daf33bd818231d6f0cca9c8daf650f4c0a8ec65c438ad4d51de078b7f CVE-2023-34407,0,0,7b48fbcd24c42b1937e0204865ab3962e1fb506b1880e809796e0d99f7281c77,2023-06-09T19:39:30.837000 CVE-2023-34408,0,0,ab497b161f13721cbe002bc9c7bb5e3a76bb520b8b62425c891362cd30bd6b57,2023-06-09T18:44:52.567000 CVE-2023-34409,0,0,5649b1bf2b1bfc56a4f0163114eb23ef642d064c1b3e78335d05d9255d9b7387,2023-06-16T15:35:28.123000 -CVE-2023-3441,0,0,b645ff16e2f8a0c0ec7392217cb98be2c44103fedb485d7d94ee03e185b94d47,2024-10-01T10:15:02.997000 +CVE-2023-3441,0,1,b3f9bc5515dc286780756e0728706532c3f73a99bf500fb415631f70936fa7f9,2024-10-04T13:51:25.567000 CVE-2023-34410,0,0,89e2ec5297b1990024a1d9dbd597e5ac01bf1ef00c10394c557c176ff44f33d9,2023-11-07T04:15:35.107000 CVE-2023-34411,0,0,2c4af033a9de7244d37d41263d9aac5a70dfc95e6d2f499a459d10f1572af796,2023-06-13T13:15:09.173000 CVE-2023-34412,0,0,cc22dabf692ceefeb101b59fb57f747d23d540ea53da120e06fe8d1563c5eebd,2024-02-29T01:39:49.957000 @@ -228438,7 +228438,7 @@ CVE-2023-3781,0,0,de223095b5640bb80ec6a860227a648539e83fbab26d9846367892357c5900 CVE-2023-37810,0,0,0a875c94ff411e8048d52a2836b483c297b1d96f9dd1665554f4e1c2688af156,2023-11-07T04:17:07.757000 CVE-2023-37811,0,0,6b91d97ab0606f2517f2c9379dfa3d23ccf09cd6269504f98278ec72bb3d5c8c,2023-11-07T04:17:07.790000 CVE-2023-3782,0,0,2695b83fd02c6f700b03c27b710c853c5a14e90e0e0062d57122bca01fb76baf,2023-08-02T18:31:47.947000 -CVE-2023-37822,0,0,53d4d8b3b7ea73ea68c23390d025562d36ff8467daf6cd7b3c12f5db9a237e0a,2024-10-03T18:15:04.443000 +CVE-2023-37822,0,1,9ee74fa2d71a5f686cc33575e9264d7e643025929b1f62400d71830196042efc,2024-10-04T13:50:43.727000 CVE-2023-37824,0,0,67a1a0cd59a7f9d8d253762869647c68969ae7b19d7a8cc945ab595d6122a4fa,2023-10-28T03:47:39.197000 CVE-2023-37826,0,0,d47577469ae104e7a65a3d5dc49db2bb73b8c88342393d1572c2e0caa1fbdd79,2023-09-07T13:04:10.693000 CVE-2023-37827,0,0,3da8fd77a63742c2db490aa6c50c9a119b2ed1fc587338155f117da39a85ff4d,2023-09-07T13:03:44.377000 @@ -241233,7 +241233,7 @@ CVE-2023-7269,0,0,110b6fee8b2eb3cb456f239293a3205ab38d8cdb9856a830f8977329472aa4 CVE-2023-7270,0,0,c4a95bbd7a0e223852dd2f2d2c06a04667d14324aaf73c1dbbc09c6df6d4237c,2024-08-01T13:45:53.123000 CVE-2023-7271,0,0,d3dfbc895014f6fee39494b1979fe9a27f5d54abe140606ba373f42540f5c875,2024-07-26T18:19:28 CVE-2023-7272,0,0,cc43888de86ffd529fd218a38f2e0a497e79588d2ca6b5dec5063052cab77d6c,2024-07-18T12:28:43.707000 -CVE-2023-7273,0,0,b3a368d516e907dfc220d4dfba6a369f7b16c2f65121cca73e3a26ebaac6323b,2024-10-01T13:15:02.463000 +CVE-2023-7273,0,1,774cfced0b2ee4833f367ba7f35fc76f033b87073fddd91ce6539024f87d7d6e,2024-10-04T13:51:25.567000 CVE-2023-7279,0,0,f98ffb9aa7111762ac351724f18f9d9ee505a1023f26a13d8e9efc5698c9c712,2024-09-05T21:59:17.957000 CVE-2023-7281,0,0,0790d4bfb469f439660a23ce8eab8f87d3be095fc643fdfe8eec46cdbb17ca3a,2024-09-26T13:32:55.343000 CVE-2023-7282,0,0,f4fc1de03735b00b3526c9c4836a11bcc7904328f1e64bbcb0646541be7349bd,2024-09-26T13:32:55.343000 @@ -241337,10 +241337,10 @@ CVE-2024-0110,0,0,9d3ea028d3dde672136c07e8d052ddc3ffee906b5f050cc97127e00fa31f77 CVE-2024-0111,0,0,745fe4fa8ac2297a871814d16ec0cf5bf56a98c3501448d82308b7dc75a74f20,2024-09-18T15:22:14.727000 CVE-2024-0113,0,0,30ea5d78769c707d77ab5e88a1087a3bf4be86e316909498095d743b94b19e08,2024-09-11T17:34:37.667000 CVE-2024-0115,0,0,90525cb6d1df6f268f81b58c98763d2a78ce3017a9779cdc04eec9f2dd2bca4d,2024-09-11T17:24:27.393000 -CVE-2024-0116,0,0,adad8d5a6569e5102a9d95bdf9068d17c8ef5bd5a7c84947191f2698e1d6ce25,2024-10-01T05:15:11.920000 -CVE-2024-0123,0,0,3f2bda05f9db6e656b32ee9867126f5b63d30904e74fd72821e52f25bd1d0b31,2024-10-03T17:15:14.030000 -CVE-2024-0124,0,0,ba55e8a4f51f87900e4e6a87dc7f9c8173b630b7102dc5b004fdea543f186fb5,2024-10-03T17:15:14.253000 -CVE-2024-0125,0,0,2a7aa7c8e8710c09de8ec6fce6a3f4a449e2788c838a8cbc97b4878aca027921,2024-10-03T17:15:14.490000 +CVE-2024-0116,0,1,a6cbe3db55579100922047f237b056c0420ed7fe26ca2d3a7e613c461d344341,2024-10-04T13:51:25.567000 +CVE-2024-0123,0,1,b5d565031402caa204bf1a28725c0c192ecd3daa1b8bc8f4d37470664175216b,2024-10-04T13:50:43.727000 +CVE-2024-0124,0,1,65a7ca3fa08b021f3ead82c3260c63de7cee799b77a5f239ccc73202de671521,2024-10-04T13:50:43.727000 +CVE-2024-0125,0,1,4cf16bcca0b2fb9dbeaeffe86943f72316182719c400fbcdf4c939215efb61c9,2024-10-04T13:50:43.727000 CVE-2024-0132,0,0,f1d27ee91d38f95f18265c56576359c7b74449c09c2448ac9270cfde0a145c24,2024-10-02T14:45:36.160000 CVE-2024-0133,0,0,1869d101f5a07bee8a308ca6354c7bbc691223866612cf3986da3052ed18f6e1,2024-10-02T14:43:22.433000 CVE-2024-0151,0,0,e688008e47f7f2b2995cf15f9fce74bb525b3898f5e47db0ad5b6ce2aa86a255,2024-08-09T19:35:02.910000 @@ -243277,7 +243277,7 @@ CVE-2024-20360,0,0,b9376885f3bd33f8b376cfcd9d1a4c2997937c1a075603d8638d862812d3e CVE-2024-20361,0,0,8fc8c6bd1287a52550fd38650e66a5006a20e7eae1aa8f8c99b728af1c48ddd5,2024-05-22T18:59:20.240000 CVE-2024-20362,0,0,0fe85dbbc396fc356835f570820efb6142358d26355d59753469b06ab8b1d26f,2024-04-03T17:24:18.150000 CVE-2024-20363,0,0,fd62098992468346229d2c9f8f88c3a0bdc7312cacd90d8bf7a2b7925976c048,2024-07-03T01:46:06.070000 -CVE-2024-20365,0,0,9ac35643a14b4115b7c187beac895c8d8c440eb3244ed73c9e636f89defa28a7,2024-10-02T17:15:14.863000 +CVE-2024-20365,0,1,89ecc9de6b0dff233e09d1638a463d3b0d1dc6a812e8ce21115a2a1f25fdd12a,2024-10-04T13:50:43.727000 CVE-2024-20366,0,0,ce7e4ab0363f4b2934fc27a08480c4ec05827340dd08325d4de96e54b996f48f,2024-05-15T18:35:11.453000 CVE-2024-20367,0,0,0d59cd325b5448a23ac62ba4d011225bdec20c6d4a20e9044f14a66801d9654b,2024-04-03T17:24:18.150000 CVE-2024-20368,0,0,11ba77e6ca928b43fcf33bd9b64c67655ca382b15bfec85a328bbca787a43cf3,2024-04-03T17:24:18.150000 @@ -243289,13 +243289,13 @@ CVE-2024-2038,0,0,84783e34583c406994ceb062343516951516f0b07f0d721026ee845e3108d0 CVE-2024-20380,0,0,ed7ad99e229e06574506624c01ede2d6fb857cd8a1e722ec6a335ed1ef4a76e1,2024-04-19T13:10:25.637000 CVE-2024-20381,0,0,1d137d93b0598fd47692ad3c3d2e46a37f7acfa84f78f58b2c3c09528c8e86fc,2024-09-25T17:15:15.240000 CVE-2024-20383,0,0,3adbaddaf4554eb7166804e65fe9fdbf83fea813b82dd738821e310951cf1618,2024-05-15T19:15:07.900000 -CVE-2024-20385,0,0,681f7a9dddec2cafc08e3e1ee3d5736115f7fe839148bd2db8a126953b48d445,2024-10-02T17:15:15.110000 +CVE-2024-20385,0,1,1f5cf962e2d2aad28a0cf3e99950098220d06f15d5ed96a4db791e1a9720d29f,2024-10-04T13:50:43.727000 CVE-2024-20389,0,0,160949b8c6cf6fc5f7f18a2471e2354fcd0f701247dfba3a85f25095732dcffa,2024-05-16T15:44:44.683000 CVE-2024-2039,0,0,0fb3eb6d9df1cb8dd04206e4fde20555dc794b24595aa985157932f2a933450d,2024-04-10T13:23:38.787000 CVE-2024-20390,0,0,5a2907cab8e9bf15e845ea050c44bed3aeb43d2fce6592a7a3404a48f7d61dbb,2024-09-12T12:35:54.013000 CVE-2024-20391,0,0,901fcf36cebee039d4f38edb4044ef84c4f44829a18fc236320c17fd1b5f7286,2024-05-15T18:35:11.453000 CVE-2024-20392,0,0,94a9ebb2bcbc95d69522cf1a691e2eef5f012e7892caae86240bb4af40e4b8c2,2024-05-15T18:35:11.453000 -CVE-2024-20393,0,0,6a8ae6a5d98b5a27852168969ae6d1daa91d258030662c336f6a3ac851bb7ba3,2024-10-02T17:15:15.337000 +CVE-2024-20393,0,1,f95e74d87cf3bec277be995e3c0b16302e3c5ea8691ae1a4cd7ac984a1926c35,2024-10-04T13:50:43.727000 CVE-2024-20394,0,0,ef9256f36e7609b8b050262ee885b4f4c47119c80c5a1a8288a0a5eef0d4f23d,2024-05-15T18:35:11.453000 CVE-2024-20395,0,0,28ce7d382757f62de6c6fa8be8ab2c7d5b7fe481f67f112d437fdc5648f5ed0d,2024-07-18T12:28:43.707000 CVE-2024-20396,0,0,ab24e73adad18da7437bdd92525b27eaf5bf0f1df88229897bcf01b790a24b3d,2024-07-18T12:28:43.707000 @@ -243318,23 +243318,23 @@ CVE-2024-2042,0,0,148bfce3b5f48e2144e9167826ed5f6f120e539bf15296a435b2ce580e8b1f CVE-2024-20429,0,0,f467ae3dedce5a1f38518317999bbc8fc79bc2960eb95679505ee1fcb992ae20,2024-07-18T12:28:43.707000 CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e88,2024-05-02T18:00:37.360000 CVE-2024-20430,0,0,10fa05ef1e262e03d3ec6f9856a4fd60e476d60000f282e33b3976f1a0227974,2024-09-18T18:56:05.510000 -CVE-2024-20432,0,0,9afe8e56de2f474245e53b7438e12b65e4560d02a3f69fb1fa2454f77ac4ba13,2024-10-02T17:15:15.550000 +CVE-2024-20432,0,1,ae387c98680851259e981de34ced419feacb83ea74f387c2687ef10104beb928,2024-10-04T13:50:43.727000 CVE-2024-20433,0,0,5e566651815d3cb842d80bb54328b0e8280ee578655d8a254f288aa4418bce20,2024-10-03T13:34:37.547000 CVE-2024-20434,0,0,880e05acefa3209e23abe1c6ab99bf4f9ab4fd2e1403678e2af13f0c181f3b38,2024-09-26T13:32:02.803000 CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000 CVE-2024-20436,0,0,41bc6e4345819d91a4b8a7e2df98b24823b53ecbe6191936af5242501e9ac76c,2024-09-26T13:32:02.803000 CVE-2024-20437,0,0,180b6b0015b269c98df26bf106a68aa4ffa1964219b67b451003fdc3def577fa,2024-09-26T13:32:02.803000 -CVE-2024-20438,0,0,f3d6c5fb0395310f3106449e7d7514e80194fac91de81eefde865f13ecb37ec7,2024-10-02T17:15:15.753000 +CVE-2024-20438,0,1,433a49554a99ba2894af916830134940ba261a91bf75a103d3e58f223133d7af,2024-10-04T13:50:43.727000 CVE-2024-20439,0,0,d6b5bcbae917ca310708f2b3bf5f6e48a7ee01ce537e933ecbd837bca81ceec5,2024-09-13T19:35:32.477000 CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000 CVE-2024-20440,0,0,c9c53dc5c2cee258d8848cdc1782766d626f4ac361af7ec1e658341d1dc604f2,2024-09-19T13:42:41.017000 -CVE-2024-20441,0,0,ea7ec35099b3479b4a42dc1cec8b048cb09038cde53348977420d31e6502eef4,2024-10-02T17:15:15.967000 -CVE-2024-20442,0,0,dce46f9f985e9e115d9996e7eefe607767c670f164ae30e0b6a0d6faadde003c,2024-10-02T17:15:16.177000 +CVE-2024-20441,0,1,7f40f0e666de9b208691259a25eb0f98b274eedf311b70f1da03ede5bed2d65e,2024-10-04T13:50:43.727000 +CVE-2024-20442,0,1,2e2568d9087a1b7d033a35689c9d9079eb4d5f415b8817c275f07e58d2f6cd40,2024-10-04T13:50:43.727000 CVE-2024-20443,0,0,272afbe0465f6648950651b716899dcfcb722318ac954aaaf0e63544fb83de9e,2024-08-23T15:18:06.347000 -CVE-2024-20444,0,0,bbe205adb01d80650f424c608a627fdcc9c45f394d384bea90f956f34c6ed80e,2024-10-02T17:15:16.390000 +CVE-2024-20444,0,1,09aa7b9b6ea7246c8af5691217849afafe3273562f9dee6233fb2eb0ca042b43,2024-10-04T13:50:43.727000 CVE-2024-20446,0,0,e9357eb0aa4f61946fea3c9e67283cca574773e1e525326f07a38ede4840249f,2024-08-29T13:25:27.537000 -CVE-2024-20448,0,0,9c2556f7d1f0f64d32fa6bc38cdd8bff54cfbeaea06b86b28528329d348a558b,2024-10-02T17:15:16.597000 -CVE-2024-20449,0,0,841aae85b390779b5a1b3e9e068174d54cac131c7c210518d30c93691fa5019b,2024-10-02T17:15:16.820000 +CVE-2024-20448,0,1,f60c4de74991b240820e49aa13e947d1a372fae91142304fb832f4982d0f9d24,2024-10-04T13:50:43.727000 +CVE-2024-20449,0,1,700b8a5834fc556864223357b21963b7618274743e271604322223a026a8a07a,2024-10-04T13:50:43.727000 CVE-2024-2045,0,0,711ac9453656184dc732c4f4633f4f7bda646ec847d7f0c1c60c568976f58aa0,2024-03-01T14:04:26.010000 CVE-2024-20450,0,0,a40597aa01c7c808e6329a0cff711d7709db0a15729885e98911c863c6fe701c,2024-08-23T18:14:43.787000 CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53bec9,2024-08-23T18:14:11.137000 @@ -243347,9 +243347,9 @@ CVE-2024-20466,0,0,1f67211864766033ae7df34d7b817672b03d47284d690437051f747cfe419 CVE-2024-20467,0,0,c1af58980ccad99499fcb95639264b5a0614f69936f5a7ffc5edb35f8fbf6c29,2024-10-03T20:09:50.970000 CVE-2024-20469,0,0,394110c2afcd5812c9d147805c76bc56d743563b5c07576e0d27ad32427aafe0,2024-09-20T16:58:14.327000 CVE-2024-2047,0,0,65f16d2420b90c918e9e57877aac5f0440eb772d779ccbd58288e6312f3c8025,2024-04-01T01:12:59.077000 -CVE-2024-20470,0,0,8c0c2dcfad82fad1b1a98ebbc04e20c8f4c077d40f5ffed442e388ee70374b60,2024-10-02T20:35:31.370000 +CVE-2024-20470,0,1,3a6c91b60ea83bb6516db476572d92a84308ea53919f3021bf8dc8eae97d092f,2024-10-04T13:50:43.727000 CVE-2024-20475,0,0,3f291467cc737decf2fac9adb4dea13bddd59923e910f2a0d4abb07dc30557b9,2024-10-03T17:49:17.797000 -CVE-2024-20477,0,0,c50f95b5999c3ee6cce4ec009056fa2b4185b6ff8a367d09599ec578443f8d8d,2024-10-02T17:15:17.130000 +CVE-2024-20477,0,1,ffd8a6e7d00590562ae347484e377ce00ecaaae485378b0ac95b441d6f3cfce2,2024-10-04T13:50:43.727000 CVE-2024-20478,0,0,7159d6f0353997233b844f180b9acaa4a22410a663dfe8445f14235dd4611029,2024-08-29T13:25:27.537000 CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000 CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000 @@ -243359,36 +243359,36 @@ CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e89 CVE-2024-20488,0,0,b3c319abc05ee7d52fc498f08ba4c2d91fe7b6f1527a7957b5c4a113170ee559,2024-09-06T17:18:11.813000 CVE-2024-20489,0,0,d68cce5506ad42f67e500e952ef8846db91b43a7e51bd083fc776681145c15d8,2024-10-03T01:40:11.637000 CVE-2024-2049,0,0,398a9eaf0287296877598afba029844504bbde28a3270479d8cbbb594cc11b40,2024-03-12T16:02:33.900000 -CVE-2024-20490,0,0,ec927651c32c903b11e9798fae33257de45aefb41a28e42aba7eeae99644d03a,2024-10-02T17:15:17.350000 -CVE-2024-20491,0,0,447e13224740a72f3cf370277e4a25a3f94d2b6121177e45dd771d452eb8b07c,2024-10-02T17:15:17.563000 -CVE-2024-20492,0,0,133fac4f14030aac16725c48ad6e12cc8163d4bd26fcc24e348b091eb8be4c04,2024-10-02T17:15:17.763000 +CVE-2024-20490,0,1,4ca409a18b703659285d1729387e1be77cc559d13478f47cbed53ecda2450599,2024-10-04T13:50:43.727000 +CVE-2024-20491,0,1,0a79d91a53d04263bb4c8185629e8e5a66d7893da4525848b84aa9563eddcee5,2024-10-04T13:50:43.727000 +CVE-2024-20492,0,1,d45f0e69ce4a6253787a6b6bc0d5b872a8c5e47bc9faf1d72efaf79d971a9f9f,2024-10-04T13:50:43.727000 CVE-2024-20496,0,0,127f60097f974f24aadc62900a388547cdf18c3a62d9e6416696d085e67625df,2024-09-26T13:32:02.803000 CVE-2024-20497,0,0,422eb4ecec5d7dd92ef5d49505af3bc2f0e220b53f5fa76471b6dd3d460b94cb,2024-09-05T12:53:21.110000 -CVE-2024-20498,0,0,9aef262f5bff3ec3ff093ec7811b892673de73b0852fabfb7252daf49dba7005,2024-10-02T19:15:13.870000 -CVE-2024-20499,0,0,c88062d590a0eeb9ed4f264299c4e3d8e5c81e6c3d34e0f5484f7400e5c73288,2024-10-02T19:15:14.143000 +CVE-2024-20498,0,1,811f573fdf849f64a1a17cb7dc08117b6557df81f93f5af88c08fe69f4784a9d,2024-10-04T13:50:43.727000 +CVE-2024-20499,0,1,a1e272916f5ac3954529fe0ac45ccd929a9bdc19fc885ae5ca4c2699f3333622,2024-10-04T13:50:43.727000 CVE-2024-2050,0,0,309a92deb7dc6d1c9b389273f8521ce493fa3e8c536f740883081c4cdf858e77,2024-03-18T19:40:00.173000 -CVE-2024-20500,0,0,26aa66036282187ee38cab859f424212e3edd7f673f8b872e8786b1920fe8da8,2024-10-02T19:15:14.350000 -CVE-2024-20501,0,0,dafc864027da3dacda46f6311212cc5b923d69e25e31c08a24f9974e2f0fc4e1,2024-10-02T19:15:14.570000 -CVE-2024-20502,0,0,d74f0b09c5dee90f57b924ab4201829613a75c79e268f8c28a0b20a1368efc1b,2024-10-02T19:15:14.780000 +CVE-2024-20500,0,1,728ebe9b30f483aa72f58dc016974a936927f3b996fab482be887e97f7328466,2024-10-04T13:50:43.727000 +CVE-2024-20501,0,1,dd1ce7a2eda40be6e7d6a73be810a9c6e8559dc777402fb6047989f8d9407c6c,2024-10-04T13:50:43.727000 +CVE-2024-20502,0,1,8c9173ebd0a7a87386c9294b01aeddf079ae7a31ce95a380249e84bc3f5923a7,2024-10-04T13:50:43.727000 CVE-2024-20503,0,0,e85721e4e1cede24d93f2a47467ca55ab63c155dde7e0c41a923091bcc7e874a,2024-09-13T19:24:37.420000 CVE-2024-20505,0,0,3cc28c634084a10df250df318d1f65f6c920a21d5650beb89eb991b35e09151f,2024-09-12T17:28:47.010000 CVE-2024-20506,0,0,b3839959ba904d7db54237791da3f84bfa0eea3b79a536a06b85b587186e3413,2024-09-12T17:26:37.643000 CVE-2024-20508,0,0,0768ac64a8260ad45d8462ad7e41dbfa97c47e8f324d81868ad4103c1f94fdd9,2024-10-03T14:43:23.810000 -CVE-2024-20509,0,0,73d5d98bf1f2b5bbc7fe8e16d7899127aeb3768c96ded8809b59effda16efc6c,2024-10-02T19:15:14.997000 +CVE-2024-20509,0,1,4e96bfeed20fc87cfd67abcda8e4cc3486b0f12cc8d86551bf2d62bf4a954baf,2024-10-04T13:50:43.727000 CVE-2024-2051,0,0,7b283f8057b783b668166a17f1e1ff3c63b74d0e0fa3f6b8acdcd7e3ce5a09c9,2024-03-18T19:40:00.173000 CVE-2024-20510,0,0,6fbdd0fde11e7a17f48951ee8a4206d5b5c8d1dcebb95035b098d9f8dc980dca,2024-10-03T14:52:22.627000 -CVE-2024-20513,0,0,8d7160be237827756b31b5e1e02cb410eb974b0a6e1ab0ff5d50700db62e50a2,2024-10-02T19:15:15.210000 -CVE-2024-20515,0,0,0d1ea5fc0395aeba8d912b33829b73c6e969e0e6b8085212bd58f0a2b6be4bc3,2024-10-02T17:15:17.973000 -CVE-2024-20516,0,0,07c81f6263ffabf8b1d2a73001a0fcf7e8a4965f15caa0bb6884fc278b2b4a16,2024-10-02T17:15:18.200000 -CVE-2024-20517,0,0,969af6eead693d2fcb8ede1efbf6a0f6bb85028e0ee6315d2fb937e7bc3da884,2024-10-02T17:15:18.417000 -CVE-2024-20518,0,0,a53e69d54de767534e5b85992f4736a54495e651d0cc9e7ba20057e6b1917cfb,2024-10-02T17:15:18.637000 -CVE-2024-20519,0,0,03929cac62fa50b8991b095c6ab97754cbf7b1971bb4fac47b68e70d367a28a2,2024-10-02T17:15:18.837000 +CVE-2024-20513,0,1,22f2a5c78dde109b88d7329dba049618eed47862c3f168802746df75ce0d0ee6,2024-10-04T13:50:43.727000 +CVE-2024-20515,0,1,37762317b845ebbc1a26d1cc435be256e4a1363db838d5ba07cc7d4f31295c90,2024-10-04T13:50:43.727000 +CVE-2024-20516,0,1,ca89ae8c961e3fe83d63a7fe9f486fc77eb121752c7fdcdcbae5766c380d33db,2024-10-04T13:50:43.727000 +CVE-2024-20517,0,1,af18e7bf3bf9768fc4fb6d573719f0fcf346bc1c0f85380c8024b22f8c827b2a,2024-10-04T13:50:43.727000 +CVE-2024-20518,0,1,c6554a6a58e54dba7d790fb1857ad4095718b0160bf3a94df09012d3f6edb6db,2024-10-04T13:50:43.727000 +CVE-2024-20519,0,1,5641320dd63c6b937e15405fec7827a27aaf051487ecc1dbf935bd26552fd2cb,2024-10-04T13:50:43.727000 CVE-2024-2052,0,0,b3dd7173b956ed9ab7dfaa381fa39b77e63aea1f604a72f8ac014b370895d6ab,2024-03-18T19:40:00.173000 -CVE-2024-20520,0,0,06d0bc3faa846706c688273d17cb961483e7a5d4478394e43483da9fee14e442,2024-10-02T17:15:19.050000 -CVE-2024-20521,0,0,516d9d1c2d87560684d5a622f6b1e5604f449cf1f4aedad1c3a8810b8e801cb9,2024-10-02T17:15:19.280000 -CVE-2024-20522,0,0,feb40575a0c32d2adb983c9b84f5d6f10aadd63215236f2284e450fd3982d5d3,2024-10-02T17:15:19.490000 -CVE-2024-20523,0,0,8c45695f65f7576d13a20c6cdc2eb52929e511b8ef2b7253add70c9a5f4302f4,2024-10-02T17:15:19.707000 -CVE-2024-20524,0,0,cefcbef896e744cbccb73890a15b1caf90e8cad7faa4e5f01be7bdda92685a1a,2024-10-02T17:15:19.930000 +CVE-2024-20520,0,1,80faf28d39c1d08b8393c63472c862eb51c0e3752a1a713fd08a34eff1a603e4,2024-10-04T13:50:43.727000 +CVE-2024-20521,0,1,a6a0ce3405010cae7dcc7d0ff9ec4d022cd9fa93e63ecb41392082cc053828bd,2024-10-04T13:50:43.727000 +CVE-2024-20522,0,1,f40626e9295d2b41cdc2b645320a288cfcde4079c98554e7c8c113255a45a561,2024-10-04T13:50:43.727000 +CVE-2024-20523,0,1,5dbd4779a93a725f19ad3ad3b2a973930f5f7b80546bb624d689cc2932a4e949,2024-10-04T13:50:43.727000 +CVE-2024-20524,0,1,4c728d11177ab96ab3ebc5a3f47071c385afb1c500201b9d1b89d05c7fb33afd,2024-10-04T13:50:43.727000 CVE-2024-2053,0,0,0d41c4e474c0960eb5e2399ded25845c51347c47ec843b53809f61d1e3d8fe3e,2024-08-06T15:35:13.397000 CVE-2024-2054,0,0,5af7272a2140be959232b9c889b5facdacd3c4cf8342e14293010d7ec8d01b60,2024-08-05T20:35:09.723000 CVE-2024-2055,0,0,07b933beaff1c6c6636c1d85ffcd111ff83285195075526678d7cb747831ae01,2024-08-26T16:35:08.047000 @@ -244168,7 +244168,7 @@ CVE-2024-21483,0,0,ddfb5ce914fa1ff56560fa86379b92a602e5ea04b740e3571ddfa8961d666 CVE-2024-21484,0,0,170e730118f02f10a6e5229db7c5eef4d192db3745e0e44dbc53ab2277157f67,2024-03-06T14:15:47.533000 CVE-2024-21485,0,0,5dac3ea1a637c42101b33e62955da26f7c5ea3ebfcf697d6c5d1918b66c865e0,2024-03-06T14:15:47.760000 CVE-2024-21488,0,0,83c39f70c0498b72911f550d6611f69059c8c9cdf3b0f0904578cd793bad095a,2024-02-08T13:15:09.700000 -CVE-2024-21489,0,0,36540101f5fdf2d6688c984b415445d50b1e5b8b22bb291a69a3c690f733eaf0,2024-10-01T05:15:12.227000 +CVE-2024-21489,0,1,6e86fec7408d381a4d3031befda9d6c352fa47e8cee94c50201daa0dfff4032f,2024-10-04T13:51:25.567000 CVE-2024-2149,0,0,63aa7f0d2a03697c39fae7a40d96338e0e86a5e57c9276eb9e14dee434e327b9,2024-05-17T02:38:04.480000 CVE-2024-21490,0,0,e17a653e77f03eb73e8c36ea364bdcd13a9ebc47ed80c4249ba6d2a59b83412c,2024-05-14T14:54:54.393000 CVE-2024-21491,0,0,1769048d774ec4b234c998b8669c71a35a58efdc743d738c18d816115ffbebfb,2024-03-06T14:15:48.020000 @@ -244213,8 +244213,8 @@ CVE-2024-21527,0,0,5f68d3fcedc529f8c61b21687ff27d1dfc424d6b1048d7df4e422495549fd CVE-2024-21528,0,0,20243e12426582c16920a0ab3a8036a5493484e122893e1731a0b03945a2d62b,2024-09-10T12:09:50.377000 CVE-2024-21529,0,0,664e585ecfec877dc16e4d09f63918fa2af81f0c56860c291a634c3448dac725,2024-09-11T16:26:11.920000 CVE-2024-2153,0,0,d3abacc4f79f5ae0d18412563134adcd72e3650da9619fcc6b902801eca849d9,2024-05-17T02:38:04.867000 -CVE-2024-21530,0,0,9047e317b293f5aa790c4706778f022be30afa76b99a5d32db880b7032e0d33b,2024-10-02T05:15:11.300000 -CVE-2024-21531,0,0,2b9ed23aaafa91e39b01eff409d264c9c679eac5ddcacfd84b1a76246c79022e,2024-10-01T05:15:12.440000 +CVE-2024-21530,0,1,1cd9789884a1ce72dfeb1a860d1947cabd2b932563c54dc2308d1b3820957324,2024-10-04T13:50:43.727000 +CVE-2024-21531,0,1,556b4244c50c270222e18b4d703d3656d63fc81c95a1cab5391fb75a68df3d26,2024-10-04T13:51:25.567000 CVE-2024-2154,0,0,ab5f0b39bb38e5c25606bad964d563e0edda059ff34db22b99ca2b3670b021ff,2024-05-17T02:38:04.970000 CVE-2024-21545,0,0,614ed901d7a98204a096c9331020afa9e58729de6a0c722ccca7898674ea9a4d,2024-09-26T13:32:02.803000 CVE-2024-2155,0,0,499612150b3a1be829ef430bb3388eb54a55d7bb52271f37f2a76ceb8af6c56f,2024-05-17T02:38:05.063000 @@ -246007,10 +246007,10 @@ CVE-2024-24110,0,0,b91e0667b741539acf0bc7d56bc991a8af3faad432f643fce10a70024996d CVE-2024-24112,0,0,e05a2ccd4a40e41b3c6d79bc1f9770cc005c79fa7de82e88e339324b8fc41d91,2024-02-12T17:36:55.950000 CVE-2024-24113,0,0,f7b5b4db5df224f9c2c197ed33da223fb2b18c71499ac4c36636a1bea8905e79,2024-02-15T03:07:46.013000 CVE-2024-24115,0,0,959ac6be43ec58da6f6ede6694d707dcfda2d4bcc05d8a9e959ca4fb89f11460,2024-02-15T16:01:23.457000 -CVE-2024-24116,0,0,1fb57d991c7d3c7709509dc48134d941fc618e7d1df82a6e038d2124b38011c0,2024-10-02T19:15:15.463000 -CVE-2024-24117,0,0,882420e805a60c8ed54afad539675d8a1018ca39d647a96a39be86bcc448dae7,2024-10-02T21:15:13.300000 +CVE-2024-24116,0,1,5d6d27153b18e38eb00032f23817768e279d10ef41bee1a2219740d5db7f2ffc,2024-10-04T13:50:43.727000 +CVE-2024-24117,0,1,2d10b248c1e27793764d33b55451a8b7892073aa7be5781d64ecd822caf24f75,2024-10-04T13:50:43.727000 CVE-2024-2412,0,0,5eb3e084c15080bce88063a202edef708e748222aace75a3232d4d6b3f448d19,2024-03-13T12:33:51.697000 -CVE-2024-24122,0,0,69d967ebf40b54e45a668d0b49689bfdce3e6335b099ae02042d27c589476672,2024-10-02T18:15:04.957000 +CVE-2024-24122,0,1,088e2aeb4d3917a1b2e3f1f837b20a38954e4a435f2397d89aae32252b8cb826,2024-10-04T13:50:43.727000 CVE-2024-2413,0,0,bcce963a476349e5182596e9d4a6b2abe57a4b3c6a7908768bff05824ae06fd2,2024-03-13T12:33:51.697000 CVE-2024-24130,0,0,3711a524e7aaabb83e56488f8a369c6a69a909641f1667882c43871af5a9c3a7,2024-07-03T01:48:12.487000 CVE-2024-24131,0,0,8a34d68fbe59589499b97058e1cc5501abd20303216cfd95ea1911115864db68,2024-02-12T14:32:43.777000 @@ -246885,7 +246885,7 @@ CVE-2024-25582,0,0,62d9159e0b1a2860275799366d4e29ceadc17aa10726dd8de14b9c6e306d7 CVE-2024-25583,0,0,6e3f5afaa55d00544b0a17a1114934680c9d4fc2071988d62cf80e5688bf7955,2024-05-01T17:15:29.917000 CVE-2024-25584,0,0,2d8bdb0066559b2774456287e22ee7b687bbac351295e03866c9ba9e1ad15ea5,2024-09-06T16:46:26.830000 CVE-2024-2559,0,0,642c1f03947aacfb3c18bcf4d539f5f80f1fa8009f630aa1b6518220561e974a,2024-05-17T02:38:19.053000 -CVE-2024-25590,0,0,ec62b38920901d041d024f837467517869fd97d6fd84238046e0c02a31ac1d03,2024-10-03T16:15:04.643000 +CVE-2024-25590,0,1,041a5219ccd9beca1f8f6936f2b63149d8aca7770e5c7c6cf0ad2d54955bd2fb,2024-10-04T13:50:43.727000 CVE-2024-25591,0,0,e315c0ed01e598ec7e003ff81cc81e0d8a90e92647ce95f4238660e2e3cb63e0,2024-03-17T22:38:29.433000 CVE-2024-25592,0,0,13e401ed83dddc5e0ca4a766450281e95f13649cc9bdbd70b9d6ebf050e92c48,2024-03-15T16:26:49.320000 CVE-2024-25593,0,0,509e94dc9c7e52223734283d87bd6053656aae978a76d3d64bad969d115fd115,2024-03-15T16:26:49.320000 @@ -246929,7 +246929,7 @@ CVE-2024-25629,0,0,ddcad0078b57ad6a983c41f65309abceb6903dae44fc54a92c56dcc31e42c CVE-2024-2563,0,0,f27f9483fb5da6088dc2485a49b6aec5dfafca82d3498b35d814764d5e89ddd9,2024-05-17T02:38:19.417000 CVE-2024-25630,0,0,306917c09bdc07e4318e88be00444c17dbe2150b8da032a761ce6c8a24ea3cf0,2024-02-20T19:50:53.960000 CVE-2024-25631,0,0,4f2bd06a701d340628585c4bae77dca605819fa4840f39cbd3a6e9a77b48a46d,2024-02-20T19:50:53.960000 -CVE-2024-25632,0,0,73cf041de2a9590520704a09b36a411f90827a6a0cc95b2383fe9774baa28f66,2024-10-01T15:15:07.383000 +CVE-2024-25632,0,1,b68c5c7b48c3b3a797a7e4a42e8dc76f94b51dfd0d1630102cc28fcacfe63aec,2024-10-04T13:51:25.567000 CVE-2024-25633,0,0,8f3bc7cc7c9a4241bc99f6374c1ed242f15ae20363f1ea6068a530f0bc22ac24,2024-08-19T14:15:21.880000 CVE-2024-25634,0,0,a6c0976398d76132e45109770c34649b9cd1b53574ce636d0b3d3dba0d5b6a39,2024-02-20T19:50:53.960000 CVE-2024-25635,0,0,0396aede9a718a4992e7575bb30a0d211bf1d85759070350344147d63377b4eb,2024-02-20T19:50:53.960000 @@ -246956,11 +246956,11 @@ CVE-2024-25654,0,0,1d8c485b666617bf15e2be3bf3f059ab8542011fba9b3f67352ac0a3b72fe CVE-2024-25655,0,0,873187155e7b44c80bfdf0f8ac9cdfc6130f961d8321802657052de226969501,2024-08-28T16:35:15.510000 CVE-2024-25656,0,0,dd2a757ac88e60c65e553326c3978a5d90dbd260cb747593d758355402513e97,2024-08-02T16:35:36.647000 CVE-2024-25657,0,0,4b43facfdcb326ebfd5828d4d462b595cdd46fa54d1b75d686b3ce7b78fb312c,2024-08-22T20:35:04.950000 -CVE-2024-25658,0,0,f09508debc7eed82221938be7b993c0160818aa241ddbeae9e878f31f37fca08,2024-10-01T15:15:07.640000 -CVE-2024-25659,0,0,e243ce9030582146f2f06c628d6032baed4429ba1e3bb6f5631d56029f34cf07,2024-10-01T18:35:06.917000 +CVE-2024-25658,0,1,5d7d9f6c607ce679fe745df88526faf66f3925deb07d785c1e5709aae1ecc414,2024-10-04T13:51:25.567000 +CVE-2024-25659,0,1,88174b778d870fdc12ed643f568e9458232b4f95d93f07523e7da51acad700a8,2024-10-04T13:51:25.567000 CVE-2024-2566,0,0,087689b93c35b2d23260489bf51254e9dbbd90f4e3c3903cdc8f028cf28ab7f4,2024-05-17T02:38:19.710000 -CVE-2024-25660,0,0,00be2a86b19b7b85d17c4c9f5b4bc90225a5d5112c345c0347406e7d2223b9d0,2024-10-01T18:35:07.807000 -CVE-2024-25661,0,0,b2add6eeddb71dfa6f29717e48f88f16d7fabe3cb3344824a313325dcf3b42aa,2024-10-01T15:35:11.597000 +CVE-2024-25660,0,1,ad712a4e222b0c88ffa7f36ff960afdbc7e9f638af83533eaaaec2072a0dad26,2024-10-04T13:51:25.567000 +CVE-2024-25661,0,1,d62ae2da0c147daa882078e5dee413b7ca84b663d7dec27b4446fedce1ad0298,2024-10-04T13:51:25.567000 CVE-2024-25662,0,0,731e4a5b21d04f93342e67f003659a0e732cf91f4619ab2aeea54741b462d915,2024-05-14T16:13:02.773000 CVE-2024-2567,0,0,894c1cbf5b078d66a72f8e7a485b38287a781715f51ccca3dd4b9958cfc1e069,2024-08-01T20:15:15.443000 CVE-2024-25673,0,0,020bf3214c5ffa87859d3ca28dd29461160bdf033b62023050f62c5799071658,2024-09-24T19:08:32.737000 @@ -249327,14 +249327,14 @@ CVE-2024-2880,0,0,c617aabe27a476530f11dd1aff9d0e70b8bc9314c3647a1cac79a81958f4d9 CVE-2024-28804,0,0,f7e3d6c3e14215e831a96b931ea15f5f72cb16cc7bfabd09d8b34530beca586f,2024-08-01T13:49:18.607000 CVE-2024-28805,0,0,57ffe0c5396b469d1d6aea3771a149218b95fafbad9b52c6f522fc5113787118,2024-08-01T13:49:19.450000 CVE-2024-28806,0,0,b0870c92c612bc52e55ac5da958c74e320d7e205346206836a7ae598363f9d27,2024-08-05T11:35:01.757000 -CVE-2024-28807,0,0,83b14dc7c5da0417f9c8d19ad20639794f99d122665bf4bfc848d30f9c7a4b5a,2024-09-30T21:35:02.137000 -CVE-2024-28808,0,0,f4827b12797436b71651eee6d05fef0dde007478c4230f589b71c1339f0849f6,2024-09-30T21:15:03.493000 -CVE-2024-28809,0,0,933e9d1ac43cfbbf9825b81f6a6a7aa995073faa04a1311a955c3890de364b13,2024-09-30T21:35:03.053000 +CVE-2024-28807,0,1,5a4650d9d919dd00d60ada425df7221ee51ecb76af44fdd9eca355c706e3553b,2024-10-04T13:51:25.567000 +CVE-2024-28808,0,1,e2707d0256028ba4fdef94248719fe3b54bec857fab5ab8ef9c9d36dc0c8edcd,2024-10-04T13:51:25.567000 +CVE-2024-28809,0,1,32a8202bed4dd3b9abf5e0e2fc819e903ef58b53b2fb296a3ab4e72cb018ad65,2024-10-04T13:51:25.567000 CVE-2024-2881,0,0,65fc535be8a815e92053ae1d797e8977602b99048c471a2a98041135b70a0df9,2024-09-04T14:27:24.057000 -CVE-2024-28810,0,0,a4700afe4ca601602dd660abb49fe0f499db83de408d31f71f9a070fed7d08b2,2024-09-30T21:35:03.830000 -CVE-2024-28811,0,0,9bc658dba52b6664d430eb6e2b56d170971838fbccfd368ec19cbd2184be333a,2024-09-30T19:15:04.060000 -CVE-2024-28812,0,0,ee5aa89b11e12f70e7819416536106fce2cfc893e2987b73362da0544bdc452e,2024-09-30T19:35:03.620000 -CVE-2024-28813,0,0,db3e15ae2a6ac7f890048b08fe1fb750ad791ad1c28bbdf08ac8d6db90a63165,2024-09-30T19:35:04.427000 +CVE-2024-28810,0,1,3739176212869d56c3a3e998caee9cc2562b0d9aff07961502c94d248b44c109,2024-10-04T13:51:25.567000 +CVE-2024-28811,0,1,1a121678723ae76a3ec6f23b0047a6bb1341e5c28eedd18f7304785a080aa64f,2024-10-04T13:51:25.567000 +CVE-2024-28812,0,1,6ce4bb24c8d3ff2ae14d2bb074aff81a0b38547ab36fea452d98f50ad763c76a,2024-10-04T13:51:25.567000 +CVE-2024-28813,0,1,a8769f0cee836e0100e740c2b3dc0d0f6a6cc1df5477702a5cd8132b21bf5a79,2024-10-04T13:51:25.567000 CVE-2024-28815,0,0,a66a592511ffd5b563fa083295811494fe79ce7c34bc79ae02ae7f38cd9af9c2,2024-08-01T13:49:20.227000 CVE-2024-28816,0,0,75a949219f8a896ffef945213a1610d3de2a2cf64da977b1d4287b567e2864da,2024-09-06T17:35:06.960000 CVE-2024-28818,0,0,553ea080520e3ef7d7c194b1130a084d77d8e937a2b2bb8942609e2870cc98f5,2024-06-27T16:43:48.633000 @@ -249391,7 +249391,7 @@ CVE-2024-28882,0,0,1c2deedb6322663ef74bf2fde692de72490de1c075113953e26f68fdd4a28 CVE-2024-28883,0,0,7608553831e95dbd64a1629b16235d631ce647c64db4d36e5f31f95004223611,2024-05-08T17:05:24.083000 CVE-2024-28886,0,0,c5e838328be71c5eb5c783cfb3d7b29e0393c19c1f2fbf543fbfcbc9ad011077,2024-07-03T01:51:54.130000 CVE-2024-28887,0,0,02788ece8fafa84414db815e90d6fbdcb64e36e799546da1d80bab49ab148ef2,2024-09-12T18:51:49.010000 -CVE-2024-28888,0,0,36041fdb83600ed05f8904000b430d770c60b5fe7ee76e9e3efe8d6d46a031c2,2024-10-03T16:15:04.900000 +CVE-2024-28888,0,1,0a0685c2d4a71ea12b4ebe26159ae33419b61b8f4d743bb376f595b14c742d97,2024-10-04T13:50:43.727000 CVE-2024-28889,0,0,75e96a359aa914e62263deca001066e2c2cef2ce9a8bba57feb8d1aeb144a69f,2024-05-08T17:05:24.083000 CVE-2024-2889,0,0,28ef4975b1d9f79ab7d0703313acc039b0acfd9d3a75a1a425d92dbe5c73a986,2024-03-26T12:55:05.010000 CVE-2024-28890,0,0,75d08f12fbd468307e29dd7cbe4c7c3d5acf11ae18647e40fe18f61a37a2bd23,2024-07-03T01:51:54.973000 @@ -250281,7 +250281,7 @@ CVE-2024-30126,0,0,1dc4258efb62007b2fcf00852fe3af92d237972fa2c163c391fddf8c594d1 CVE-2024-30128,0,0,c924b379265c859e8daf7f44eeec6d1dc40d7540b45d81bbd3137e5592a1e7b5,2024-09-26T13:32:02.803000 CVE-2024-3013,0,0,6f68abb10d211d077c48c60372c20fba216cedafa08cc66982d3e5be234b2590,2024-05-17T02:39:40.710000 CVE-2024-30130,0,0,8448ce55a01a9b4e45eabf08a2080330d22dcd23bef5d840e0a0228a0f910b0f,2024-07-19T13:01:44.567000 -CVE-2024-30132,0,0,8fcf5dc81a90dbb24fa46a4fa7f8b6018a9310562a36a267ef5456f9c823a500,2024-10-01T12:15:03.687000 +CVE-2024-30132,0,1,d28dba625ab77e996b8cb668352fb269b79ffb2e68c4534382d629509be7836a,2024-10-04T13:51:25.567000 CVE-2024-30134,0,0,b5401f953dda8a57b606a9ace80dca0a0a00325ba4573c5e6f1c325a9f248829,2024-09-30T12:46:20.237000 CVE-2024-30135,0,0,434c5499719264a4e2ad07af1f36d8ed1af6151b19467e0009865806919aee63,2024-06-28T10:27:00.920000 CVE-2024-3014,0,0,c46983235075ad6c61a858c21d5be28ec226124df8363686d4a4d1cade05d3fc,2024-05-17T02:39:40.800000 @@ -250688,7 +250688,7 @@ CVE-2024-30556,0,0,e69233496d05a5aabce18d433e9ca2e5223239355a0fa678f93d89e5f2275 CVE-2024-30557,0,0,7d175e1542d96c0a09750c55f6339c21eedf49d306c5f65cdc0e1b0224f24694,2024-04-01T01:12:59.077000 CVE-2024-30558,0,0,2fd7f40103c9e6c9a5c23a9c51b6730af182169ea1b29c57e5612e917c42a577,2024-04-01T01:12:59.077000 CVE-2024-30559,0,0,7bb411cba178991a1e753b9b344d96e6c257adaaf46f6d70bda139a8b3d1fbcb,2024-04-01T01:12:59.077000 -CVE-2024-3056,0,0,99a83f21d3bd3939b5de8e3d4070833cdd8bb5366e1f2fc5b9915150d29e3747,2024-09-23T17:19:10.877000 +CVE-2024-3056,0,1,4a1f0f870df3acff8c68a5c30f89aa1b0ec533542b5ad8385c50e0f134251a15,2024-10-04T12:31:32.350000 CVE-2024-30560,0,0,29358f4cfba46b880efc18b382f49655b8da1f57de09ea2f3b221ee017e11a93,2024-05-14T15:23:17.730000 CVE-2024-30561,0,0,317571b22962e8d6e5d0cb62ac3952d7d76cb14c6191157ad5ef89ba7149e860,2024-04-01T01:12:59.077000 CVE-2024-30564,0,0,5b72a00e1c04b6fa93ffaa761b95fbd264190bcd29898850fc62b4910b45e5e3,2024-08-22T16:35:01.923000 @@ -251506,7 +251506,7 @@ CVE-2024-31822,0,0,f5a60a4c5bebe79b36a24a50e6b8d88f76d622645863bbbdd8c3e989dd181 CVE-2024-31823,0,0,9d12c900b5aea261a617c0c45db69af06e76753d660b696289c6db95f54b5297,2024-07-03T01:55:25.480000 CVE-2024-31828,0,0,abbd4faafd1830e19da09ba99cc549c95f576d3b26460d61eb3b11d4f3cf3073,2024-07-03T01:55:26.250000 CVE-2024-3183,0,0,0492ca93cdfb91fe06164185f64dfd6e79760054d26b360873216c2809fc0f55,2024-09-25T16:29:45.630000 -CVE-2024-31835,0,0,a15909b348dffc8f5b64de98bd835d16533e3f022180d11add00c96b0d6d92ad,2024-10-01T19:15:07.493000 +CVE-2024-31835,0,1,97e048d23a9101c059357a88c598a1ee38b286f5d14b4caff8c136f24548de34,2024-10-04T13:51:25.567000 CVE-2024-31837,0,0,d4b11924eb0f296c66c4011d26e3c8d35fd7f17f46fa8fcc1ff3c6feb008909a,2024-04-30T13:11:16.690000 CVE-2024-31839,0,0,245f03de749181e8cafb68397f015c580f5b17ce16f6f34c9de9bdd347018299,2024-07-08T14:18:26.223000 CVE-2024-31840,0,0,2a239ae6429f1e619b6ab41616165b617110dec5fa8e072accfd9e1f9e2b5f58,2024-07-26T19:12:02.190000 @@ -252537,9 +252537,9 @@ CVE-2024-33181,0,0,050373cfb1c1e53ba8267dbc3fabd7fa63ef5d1b950dbe9c6f1ffa2007dbe CVE-2024-33182,0,0,85cf52b790aabe853226358e7739617cb8f2d818ce16c35309a03355724b6ba5,2024-08-01T13:51:45.673000 CVE-2024-3319,0,0,3b63602fbf088f6ff76602ae3f5143e8ab646a9d9d32adce3daded5265d3ba0c,2024-05-15T16:40:19.330000 CVE-2024-3320,0,0,00dd140c669ed55b9724819953be5e5ab674983ce3dcac0f7cca51e60d13bb6e,2024-05-17T02:39:50.797000 -CVE-2024-33209,0,0,097f8cdeebb5719cc6dca525a22d2c26b06526a45c93f45fb4dbe02ed149fcdb,2024-10-02T16:15:10.300000 +CVE-2024-33209,0,1,5e277af6b9d931ad6eabe363fa022e3e28565c9bdcab54cd28cbe12498341aad,2024-10-04T13:50:43.727000 CVE-2024-3321,0,0,c2a87eddc88d30331563f9d17a640b75164460d2c5dacd42388be73c643c2230,2024-05-17T02:39:50.900000 -CVE-2024-33210,0,0,ea119992daacb8d52af556b012e2d35a09b3683a173069df0c6e1c2c4f9d3945,2024-10-02T16:35:30.553000 +CVE-2024-33210,0,1,a4330105a4d6b07d9316e6cba604bab6a3559db00469caeaea106e3e51ae6801,2024-10-04T13:50:43.727000 CVE-2024-33211,0,0,46152f7fae2f0904bdc8d43eed72ce61042ffe07ea20488d0724e6d357feeeca,2024-07-03T01:57:35.503000 CVE-2024-33212,0,0,e1465636a9a0085dbcb931f6bf0bf00f21c6133d537bb14ffddf0238c4968d35,2024-08-16T16:35:11.323000 CVE-2024-33213,0,0,535ed6b61a2defaf607542370541a34cb9da6a875bd2f52f1cf422d4fb6cc3a0,2024-07-03T01:57:36.257000 @@ -252825,7 +252825,7 @@ CVE-2024-33656,0,0,bcce08f394a095ebca60ada0fb4a4aafac76a15e930d7944ca1f9457799a1 CVE-2024-33657,0,0,4304e9ad6a833f4e772f3f337e66d35550f113c5280de638d62e655b681eb6cd,2024-08-21T17:24:59.627000 CVE-2024-3366,0,0,a2c419b6dceb854c8524f6fea56c90f31e3f9047e1890ead74a66fe52a9e4023,2024-05-17T02:39:53.090000 CVE-2024-33661,0,0,1fe83f392b56cfa5102f5ff20013157b18140b66b95ef00cb93915789153e2d5,2024-07-03T01:58:33.073000 -CVE-2024-33662,0,0,46d1d2d395802d1631d715ac5931287954ed01bca98531e86282dde27a04d566,2024-10-02T05:15:11.643000 +CVE-2024-33662,0,1,39e1cd5f3535462ce03b3b7218d482fa87d6e966ad84208fedd426957dabfc0a,2024-10-04T13:50:43.727000 CVE-2024-33663,0,0,e1e5e3bf2bfb6f84f42175dcb29cc9799e837d7e631a8436167d9acbf72c8e21,2024-09-03T20:15:07.433000 CVE-2024-33664,0,0,fa102b47e0b0f78985d310d8b8074ad26f7b0a8f6e346244359d7ca87f4b731d,2024-09-05T16:15:07.570000 CVE-2024-33665,0,0,5ca9bdea72a653edb26c9763ca65ae33540673cea00ec4859ff84abbb4dc8bf9,2024-08-02T03:15:30.310000 @@ -253459,7 +253459,7 @@ CVE-2024-34529,0,0,d8133b9a4ea4710432fb31a4132ab39e712c33d1c820f137246e054dc4fb1 CVE-2024-34532,0,0,dcb761bea457268d59c0be9416083baced4fef01729f53184cc4673fe1957bbe,2024-07-03T02:00:31.917000 CVE-2024-34533,0,0,8566d0e8dbd9cd4017bd3a534ac0fd9822a90bf76d2b3f6401a871fd79682bfc,2024-07-03T02:00:33.137000 CVE-2024-34534,0,0,bc0f446d96fd1bff04cb40a3d47d7cedb5384511135e58f39b13d3fecfe87cc4,2024-07-03T02:00:34.370000 -CVE-2024-34535,0,0,ea57154220d77a5e272a9b69811345c475733d9ae16f81976f37197504e65ed4,2024-10-03T18:15:04.693000 +CVE-2024-34535,0,1,83aae08bc421f9eef8621f242b24214806a581d0b260711ffa707015c3215f8f,2024-10-04T13:50:43.727000 CVE-2024-34538,0,0,feba2430cb16511882082bb58c8b82ea01c0b09af4d84fa976b42058411470a6,2024-07-03T02:00:35.197000 CVE-2024-34539,0,0,9ef63927e8927d2fb2816c186d7e6407d6365bb9385ba11a715c86bc1697a83f,2024-07-03T02:00:36.057000 CVE-2024-3454,0,0,f566b799730d97b5188e88dce61422723578c42a47e0d20db27696cb277428f1,2024-09-10T15:40:28.457000 @@ -253957,8 +253957,8 @@ CVE-2024-35284,0,0,3a94c448d00dd5059f3fd361118e6cd65d80e9412861f2d6774f390c6aa71 CVE-2024-3529,0,0,b7433b023ce9172d03becfe0cc0d18595c43e3d8737e87c779d288c2827cf3e8,2024-05-17T02:39:59.247000 CVE-2024-35291,0,0,5225c2a0abe81b64c53a235e59e3157e49cd9481d5912145de7f4fa19255770a,2024-05-28T12:39:28.377000 CVE-2024-35292,0,0,e3b3d736ef0c9425797f6a5a9790b2cb56e0a53578005725786d8a247ceee1f2,2024-06-11T13:54:12.057000 -CVE-2024-35293,0,0,a4e22fa188a744e9f6058246215df53e4473ae5b974108a643304f236afa6173,2024-10-02T10:15:03.160000 -CVE-2024-35294,0,0,9675f5fe061cf93b001295068f23890f2e1a548578cdf9ac342a4d3f5a5905d9,2024-10-02T11:15:10.780000 +CVE-2024-35293,0,1,a024a8cb7462e50d1803dc725da2f5f9552916c788264d2d54797b6f401fb3ac,2024-10-04T13:50:43.727000 +CVE-2024-35294,0,1,3f8358287ada7fd559cb815db60338426a64c989bdb4f60965ffc7de0da1d4f2,2024-10-04T13:50:43.727000 CVE-2024-35296,0,0,82c7767da6fa670c8aa66295178569bca6e87e99e7267708f981755194c6c0f5,2024-08-12T13:55:37.307000 CVE-2024-35297,0,0,a17fd925b730fd9803b93156d1a4f0f1baa604bce402fb65f95c09819b0a7763,2024-05-28T12:39:28.377000 CVE-2024-35298,0,0,767802677800ceed2390ec4b021eb4a1bb445bf1aba3154a6ba4d4e3eb13ec79,2024-07-03T02:01:32.613000 @@ -254050,7 +254050,7 @@ CVE-2024-35475,0,0,5630b4549b65d33d3ee9b0fbe82b2113175125b521e97ea87cdc02319a1cf CVE-2024-3548,0,0,d36c3da57ad232cab63cfe730b939da3d11ca9fb8353135fe3e907f711d131dc,2024-05-15T16:40:19.330000 CVE-2024-3549,0,0,0cde880e41c0c3ba557ce463b1ff0900f3f316d2ed3d6009897a715aae6e97e9,2024-06-11T13:54:12.057000 CVE-2024-35492,0,0,33aecacefd5370fcd53a7eb152d476421944d3120d3115b260ff90b817999987,2024-08-20T16:35:13.950000 -CVE-2024-35495,0,0,2ca389066c0f9d7e4a1a82563f1a7df4d574e1da6bc99733088a07f8f5fb3236,2024-09-30T18:15:05.713000 +CVE-2024-35495,0,1,f2b66f08d983d2d8551432de2a69b265edd788ca956eb42c244416a3e4518c04,2024-10-04T13:51:25.567000 CVE-2024-3550,0,0,ac5bbd2b6bc618ed8d0d187264280ccbd8a80d9a5319faa69118b498969cb88c,2024-05-02T18:00:37.360000 CVE-2024-35504,0,0,e166404c83da3941ce306fedbcc958803779345d2352a83f02ebf499c8052277,2024-05-30T18:19:11.743000 CVE-2024-3551,0,0,66b014d685e7b98f0edafdd7cdd0ca69eb0c14e102cb460567e00480c7707135,2024-05-17T18:36:05.263000 @@ -254874,7 +254874,7 @@ CVE-2024-36470,0,0,05049c8242b38f083734214f212efa24bf0b8e7684b3d943061a8cbb7c06a CVE-2024-36471,0,0,6e10c8a6f7211dd42a1163cc28818f3c443a2860a609ca58841954b595f68033,2024-07-03T02:03:13.647000 CVE-2024-36472,0,0,2535bb51ccaa28f537e77e0ccd5fbdc4d19f82667f3e7465a3e9bc19e2a787a8,2024-05-28T17:11:47.007000 CVE-2024-36473,0,0,aa04ebf30531a2d8b8fe44f55c5d2b24e6cb3b712da23e42c688962416c1c553,2024-06-11T13:54:12.057000 -CVE-2024-36474,0,0,7a260c4c368c118b8488c896c2581980500ed13ae59a79a8e02146080c044c56,2024-10-03T16:15:05.010000 +CVE-2024-36474,0,1,7335e81d1cad3bb9e57fe11d3d56a8de46d33e7fcadba5de05f61ab8d0536468,2024-10-04T13:50:43.727000 CVE-2024-36475,0,0,3bfe32e61fee0f325d0a0c42cbb21fe74c2f37d1a00be99f11a322ba582b65cf,2024-09-27T17:50:00.430000 CVE-2024-36477,0,0,1d17ae62300b2d07c5941459ecfc6e574f91510a7910b453c64417a36e5b6766,2024-06-24T18:38:40.737000 CVE-2024-36478,0,0,d3d3e31a448c89c876d8752dd3d0a5ed214ab436e75114c562c846a5ae1724e2,2024-09-09T13:30:12.647000 @@ -256847,7 +256847,7 @@ CVE-2024-39432,0,0,c5344327ea4e29569cde1ea8e7912a1f59909bf9a7631cccf2f5bb521ee73 CVE-2024-39433,0,0,b0007cb93af88c45dc6df70760e2e177a4763bcaa8d7c7eac293b0ba1aabdc2d,2024-09-30T18:14:45.443000 CVE-2024-39434,0,0,6fa311444443904695893d64c5957ccb50003fad05bc243c95fa5540678b4129,2024-09-30T18:14:03.557000 CVE-2024-39435,0,0,c1323c169e57e336d6df9d30a55825a6eb9bb6be1621f01964c9727171d73763,2024-09-30T18:13:33.387000 -CVE-2024-3944,0,0,5f019f02cc03a38e43d6ce346d35a78d9422843cd57b5ebc3224417ac95f2368,2024-08-29T13:25:27.537000 +CVE-2024-3944,0,1,0349dfe65519a62a84d722d8f6089c2204a2e4ad01321ea2bf2f048acc939172,2024-10-04T13:19:51.383000 CVE-2024-3945,0,0,f529a76504b589632a786b994a7e59172142cd26cd001d628e7f3ff9658da8b1,2024-05-30T13:15:41.297000 CVE-2024-39457,0,0,71348762cda2a65a9fb6ee86fb97ddb6684e341009bf79ffb50846af36c0e45a,2024-08-22T17:33:32.373000 CVE-2024-39458,0,0,057d26d6064abe38c6844996c076741573b3fb5797f6e26a9cfc5dd443dbc18e,2024-06-27T12:47:19.847000 @@ -257109,7 +257109,7 @@ CVE-2024-39745,0,0,76dcbb05d353e026eccc967feaecdea5409270418987883e30491009b8479 CVE-2024-39746,0,0,6375fbb4b5bb9c905c41c7f4d0b9ebb7e249deb4532114f1d7954e0a6335ab2c,2024-08-23T15:25:02.123000 CVE-2024-39747,0,0,a2161f167ae95389c72b0c031bdb90fe73f7e348a5f87dbcba6e48e76545660a,2024-09-16T17:13:47.497000 CVE-2024-39751,0,0,a868bf4be3dd2b51f3b58089c18a834cccac125c90e59de11837fcfc432cb518,2024-08-29T16:56:32.053000 -CVE-2024-39755,0,0,ee474a1349f33348ec4936a5cbe53978561781b40c6e451c73f658a0c9d17936,2024-10-03T16:15:05.230000 +CVE-2024-39755,0,1,dfcf10f6b8600deddb49177d38227bb50ccc0bc92a697b205718d374dfc6c532,2024-10-04T13:50:43.727000 CVE-2024-39767,0,0,3e2d929a0dec960247b2d08752313be7fe5d03de12cbd71addbfff64b71f8489,2024-07-16T18:04:02.993000 CVE-2024-3977,0,0,e9ddc667440c6dcbe059212d85a4e046d10d5ad7b4b151b497bb4963c631de68,2024-08-01T13:56:47.833000 CVE-2024-39771,0,0,faa19d65d11d5ab35c787297e9dac2f6d0b4df9b76c817e52e3ba933bc52cd6c,2024-09-12T21:34:24.920000 @@ -257880,7 +257880,7 @@ CVE-2024-4116,0,0,6ee64e85b69f8f11f599040da371bf02d3a94742e1ecd0f467d9a48f262434 CVE-2024-41160,0,0,4405f1fa554ba7d9df44bc4bbb96ea93e068b229b76d85cd7934b300d79543d0,2024-09-09T12:21:53.383000 CVE-2024-41161,0,0,9b33361091df6923832caa53c78a9e46bbbedfd096d5512869c0f1eed0413824,2024-08-20T17:09:50.647000 CVE-2024-41162,0,0,e54fc1a9823f936d00354799974ba06adb4cc451d56f48d5711fb6c0d45b612e,2024-09-04T17:03:53.010000 -CVE-2024-41163,0,0,cec8d12b943d737345c2b733448ba756ba4b38f2066bda93993229862250ac87,2024-10-03T16:15:05.427000 +CVE-2024-41163,0,1,509e1a34a232eb5e15f12ce2d8e1e102fbf49ac3c22a6a7cb33fccd0b55eed60,2024-10-04T13:50:43.727000 CVE-2024-41164,0,0,c5521af658e92e64cee6bd40535b27065e46248fed1bc5e43067dc57eef0c4d6,2024-08-19T18:39:06.157000 CVE-2024-4117,0,0,439d2da59fd01a25f254df6698027149837f261eb1a16ba5752d7e62667d1bfc,2024-06-04T19:20:30.043000 CVE-2024-41170,0,0,817fea013dbb80aba74cedd999d41f457edab776da0940277c0a8d6917a3fea3,2024-09-10T12:09:50.377000 @@ -257933,12 +257933,12 @@ CVE-2024-41264,0,0,332d92db5c905482198269e17be9fe322336114f0c994cd46df7b2596aa2c CVE-2024-41265,0,0,96664aad23c7dd63e002634cfc71189c6e2399a9d19b5373e19abde784e31cd7,2024-08-02T16:35:52.013000 CVE-2024-4127,0,0,13aabefe1ea17c857d1bb509e28f374ee8245c3658c3b51912d597c1f898ece0,2024-06-04T19:20:30.957000 CVE-2024-41270,0,0,af12a3d2be324bb3d9e2b16ff7d039367afc9e03066837308e275993680c0e05,2024-08-12T18:25:28.583000 -CVE-2024-41276,0,0,ddd9066ea56cdfdef56ae6727e27aa1da4d925d664d414fac74fe96fe2038873,2024-10-01T15:35:13.190000 +CVE-2024-41276,0,1,f0cae9bc3f54ef3aaa3ee773139b942e5533df253d91e2e67651b0a3fdeb4be7,2024-10-04T13:51:25.567000 CVE-2024-4128,0,0,68bc0506eec8fccf6c4228f6f90915fa5b089633c8bc20338b2c6bd4b4236a0b,2024-05-02T18:00:37.360000 CVE-2024-41281,0,0,acd5274a5314a460f4482234d2c8af8da53f6324e375946a6feb8a82983d1186,2024-08-01T13:58:25.943000 CVE-2024-41285,0,0,f9d8e2fe08b82d3f5c7f4ac42e37bd0268ac10deb583909c52659b72a2361eca,2024-08-27T16:03:16.043000 CVE-2024-4129,0,0,f2fba94e29dd925b8a56a23f2711717731ea628ca4457222b442fc21c3f8c80a,2024-05-14T16:11:39.510000 -CVE-2024-41290,0,0,936630b7d207f745b93c491ae3e5dcced70b4ccec12bc096f85ff6080dd20c1c,2024-10-02T19:35:05.817000 +CVE-2024-41290,0,1,c49f8cd5603807c9b54528f3054e83df63373e1eca850d7e76d84e26592de69d,2024-10-04T13:50:43.727000 CVE-2024-41304,0,0,97c8e67643f8470191a2e05ce641725b816a8cc5ff59a9e38a00154810fc7f9e,2024-08-23T16:35:06.883000 CVE-2024-41305,0,0,44375e3d9aedae768570d453a5746b314221c07760efe679991b65a52a72cbb1,2024-08-08T14:36:06.423000 CVE-2024-41308,0,0,0cfb1f5a539d1b3ab56fa248bc4e6b56744120f3ffd7eb646c940bb1f8d27a55,2024-08-08T15:04:28.510000 @@ -258040,21 +258040,21 @@ CVE-2024-41570,0,0,548cd2006d0021700d97d9ac462942b0586c18cb85e20f0c023fdc6e3f867 CVE-2024-41572,0,0,e3312852513c75151c7b09071c0730654908f266b196f942a02a8abd098a0bd7,2024-09-11T14:15:13.380000 CVE-2024-41577,0,0,1db7c1144df378d1f0197182c3eb7cc1bf4798d90e82fc3037fda80bd09f3f04,2024-08-12T13:41:36.517000 CVE-2024-4158,0,0,9bd0a38e47c5b6d26f1e587737a0ffeb7c251278f38061995fc29ba309646aa6,2024-05-14T16:11:39.510000 -CVE-2024-41583,0,0,dbafbd5f746dee4e19cd777eeaad676db65c7997e7566ca5fc5627f037144467,2024-10-03T19:35:13.010000 -CVE-2024-41584,0,0,deec5f5fceccec3ebf1be6d3f7c32c2b919633046a4aff067a3c13ebb42773e8,2024-10-03T19:35:13.793000 -CVE-2024-41585,0,0,39ae1491cd3f2f04c7b6ab155aabe1ac945bb1a6ca93968d6ad049e9e1ebf761,2024-10-03T19:15:04.197000 -CVE-2024-41586,0,0,ff52c6127f691ee61bac965e49bd7a8ad09ca5891dcd9e80d100916514faf5f3,2024-10-03T21:35:26.963000 -CVE-2024-41587,0,0,a61347f67e46f2f02fa522118b3417a0e57fdfdecc4698f6dd0c5c1c273be26d,2024-10-03T19:15:04.310000 -CVE-2024-41588,0,0,6251026d7ba2108486ac0b18dfd3370b03ce9f8a3d39c6a37a6ff4d7d73b6b09,2024-10-03T19:15:04.363000 -CVE-2024-41589,0,0,07d835eb5a2a3d692a59ceb5a1e4073307bfa81ed86963d1b67a3c75fb80bc98,2024-10-03T21:35:28.537000 +CVE-2024-41583,0,1,1f005d1031fdcb8c9fbd4906210734632d6902f2542d73f974724022c9aa8ff3,2024-10-04T13:50:43.727000 +CVE-2024-41584,0,1,68b94596ec41fb07148f3ccd64f3f267bab10beb49b58cefc1308a96f8b6488a,2024-10-04T13:50:43.727000 +CVE-2024-41585,0,1,2314fb9a0efb0f762cf89236f4554c09fc30ada6b4824d4d60d721cebfe100d3,2024-10-04T13:50:43.727000 +CVE-2024-41586,0,1,837f69300649f91553628210cc544eb3742b53056d8761afc7c78beb5b8a3c63,2024-10-04T13:50:43.727000 +CVE-2024-41587,0,1,7f52795a7e9dbcd906b4ef668656108d9462317b44fdb8eae6ccade1d6213774,2024-10-04T13:50:43.727000 +CVE-2024-41588,0,1,d0307e87b64379ba5665d0bbd633d96f84c4ab267cc2ea68a75eb41b756619a0,2024-10-04T13:50:43.727000 +CVE-2024-41589,0,1,04f9923f1d234a8dd6e0bf13471b52d9382898606729d057bb8885e65bf1609d,2024-10-04T13:50:43.727000 CVE-2024-4159,0,0,72a4ec46db1a22f62474bfa22a14f37a28a6ceba3042de92b905fca6cc58c082,2024-04-25T23:15:47.087000 -CVE-2024-41590,0,0,7de253213a52f19f77e2dcc707ceb22dd274b1fccbc266f122832ccb7f32882a,2024-10-03T19:15:04.487000 -CVE-2024-41591,0,0,e399dfd0ac4287c648a580827fd6da02400ca21e821f15230fc759c82b1d39d9,2024-10-03T19:15:04.560000 -CVE-2024-41592,0,0,569b7d872e92574f0e60be7ab4d8c9c16a8ce397695af763d6ac7e27161ef123,2024-10-03T19:35:14.553000 -CVE-2024-41593,0,0,2bc2668d219554fbe42c11c90fc88d7c9fc0da6c3371a182abe0cebf1dc9d74a,2024-10-03T19:15:04.740000 -CVE-2024-41594,0,0,21b9c041e257de507d816750a49217721499efed2dd4a63105428b823ae2f674,2024-10-03T19:15:04.800000 -CVE-2024-41595,0,0,77537293cf16d22636d11804d550c07a4bb761fee85858ec88a50e205d53255a,2024-10-03T19:35:15.407000 -CVE-2024-41596,0,0,4542871b42bc7b516d8d4dc7412603aca370bd6a8da45d0af646a60cb8a1f994,2024-10-03T19:35:16.170000 +CVE-2024-41590,0,1,b18d279475a6520b74696e7288bcfb49fc40bfbcefe9a2ac7fe868ed062b7b29,2024-10-04T13:50:43.727000 +CVE-2024-41591,0,1,12c66528aa27fa5b1b503085223d9b76ab7bda6793795add304d4abe6a6330cb,2024-10-04T13:50:43.727000 +CVE-2024-41592,0,1,f6de19b04cf0bb9aa23a631a0152acf3c16683ccba4ebd341bd77b629281497b,2024-10-04T13:50:43.727000 +CVE-2024-41593,0,1,8eec62312c6d2939b5de76514b104a6bdf428b3d95e400b24ee7d8f56e1d91b3,2024-10-04T13:50:43.727000 +CVE-2024-41594,0,1,b2892764fa9ce03de8d41d9bc0c4a7322837033f2d94f76d5de1dda60e19b4f7,2024-10-04T13:50:43.727000 +CVE-2024-41595,0,1,f4fa709962dab0c7305f9f36894e62c834649fae846a2fd438d736156c5061dc,2024-10-04T13:50:43.727000 +CVE-2024-41596,0,1,07ef332ab0c1cc02af1af9479944d0586c6d5e720d06e9433d72b4111aba2578,2024-10-04T13:50:43.727000 CVE-2024-41597,0,0,7bc1c683ecc7754ef9a4accb42f1f9f659f54572a438343a1c4fabae2a9dfaf6,2024-08-01T13:58:54.793000 CVE-2024-41599,0,0,48a45c986c9579d7d3c0496e1b383e5802ce839d40edd99b19ede2ffd41e1b22,2024-08-22T18:27:45.397000 CVE-2024-4160,0,0,02cbb5178621697de395e5bf97f83709ae910ce21eba24af27e6bc1b3971ae89,2024-05-31T13:01:46.727000 @@ -258102,7 +258102,7 @@ CVE-2024-4167,0,0,a726fa69800dd2a00fe506dc5d29a370681725e72bfe1ac34a8206d5070886 CVE-2024-41670,0,0,d4de1327e25e7abc39266a562cb92a3c058d45ff783401ce0a66d0266a4c8b41,2024-07-29T14:12:08.783000 CVE-2024-41671,0,0,246285a77daa13e5014904fc895b261c0c0cff4d8c9ca9cc03eeeb85acc4b806,2024-07-29T16:21:52.517000 CVE-2024-41672,0,0,663620cb38189153336e50cbd79c8e42d8e45afa368faf46f48802a1fdfadeff,2024-10-01T20:33:44.697000 -CVE-2024-41673,0,0,920f05f9faa451ee3028416d14a5dbff94f88b00a7d462342ce1687bde0dafad,2024-10-01T15:15:07.873000 +CVE-2024-41673,0,1,533fc03eb2716152a56f8207759c36281fdfd375e8d6a40bc6a6295fa7f3abda,2024-10-04T13:51:25.567000 CVE-2024-41674,0,0,e673b8205e82a534b9a977608e67254dbf60c56054d2121630b866936cabb953,2024-08-23T17:06:58.063000 CVE-2024-41675,0,0,99d7bb404b6db7a620ac267d34a06ef7dcdda9c80bdd1ecb6c741290a9b47f60,2024-08-23T17:07:28.247000 CVE-2024-41676,0,0,f8c727903895dd3f774fa8fafadf4d13b194d23bd32750d21228bccd7e3862a1,2024-08-23T13:44:42.487000 @@ -258275,9 +258275,9 @@ CVE-2024-41915,0,0,79e27d81a466e27de33128fccf775ada519c090b73b4d198c18c4a0be866e CVE-2024-41916,0,0,066c2f671cf06af6f38789b8644af442aa1cd06119863d905974296f8fe86611,2024-09-11T14:25:46.180000 CVE-2024-41918,0,0,444713f57f29ae6ab3503ccd6ce1c7bde4d2698bbfadab74cd1692649dedb241,2024-08-30T16:05:23.737000 CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a121626318970662c,2024-05-01T13:02:20.750000 -CVE-2024-41922,0,0,e82bbd69e5896b90c6c1783c2a4a1209278b5de28cfb6d11af357389a7ab53f2,2024-10-03T16:15:05.640000 +CVE-2024-41922,0,1,6ece803c365204c2a8905ead4c0f11263b9829fc84cd361070407e445d88029b,2024-10-04T13:50:43.727000 CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280973,2024-08-01T13:59:15.743000 -CVE-2024-41925,0,0,7b237ecf0b512342226bb373813eef709c11e2c157feb509674871ab9df7625b,2024-10-03T23:15:02.970000 +CVE-2024-41925,0,1,bfb2b8699763360b751a0b9d4cd96dc0b4b643c91e40e4714e322c144c6bed9a,2024-10-04T13:50:43.727000 CVE-2024-41926,0,0,d7564816d433232552fda23a5f10a79963d6c502f628c4841f8484c17aa4f54f,2024-09-04T16:55:35.570000 CVE-2024-41927,0,0,28b0e861c649b30f117a5ffa21dceff5e2eb3f40c9e49c2283b3efe64f1c3671,2024-09-19T15:10:57.793000 CVE-2024-41928,0,0,fac45a5eba953351f64e8420aefaa828221c1e8b109e75da05d07c8ee7a8c443,2024-09-06T17:35:13.400000 @@ -258322,8 +258322,8 @@ CVE-2024-41976,0,0,28d622db4b0702423d465fd5f760fc3d4baf285e2f7024720bdb5fee42ef0 CVE-2024-41977,0,0,d5d8e1f89415d399848bf3d43d8f9a317c22096ecf54afde801686a9741da6f6,2024-08-23T18:39:13.990000 CVE-2024-41978,0,0,bd0d09a1a56dc8d7414c845b0662922159c0a17b71c017862473bb9d2c3c7ab8,2024-08-23T18:34:36.283000 CVE-2024-4198,0,0,10694c0c68dfe4c7db6b33a26dfbe4eb44c2b4223bfed9be5285208f068f86b9,2024-04-26T12:58:17.720000 -CVE-2024-41987,0,0,b77231272ed77f23d6910aabe2c47c6a068c33a2d29a54a24ddf15f174c98f61,2024-10-03T18:15:04.837000 -CVE-2024-41988,0,0,fbedddbb0dcafcafb018aab338ccd8da012eaece707cab58d6897ffb838e48eb,2024-10-03T18:15:05.030000 +CVE-2024-41987,0,1,2f4f37771c64bca6e8bc71abc128fccafab15d1bd7c04aa54df908658ca64cbb,2024-10-04T13:50:43.727000 +CVE-2024-41988,0,1,55a7396f021c4e6e2381c6c9dc94df55d597f6b964a5b9492a46da16c19f42d9,2024-10-04T13:50:43.727000 CVE-2024-41989,0,0,e902f47b7607adc4839df00802ec4b9f801f5195050e557f24fe6e1b06bacb3c,2024-08-08T20:35:11.140000 CVE-2024-4199,0,0,fcf36265d6a610d83a178901804339aadd89406ac8a1349d6da6f71c3e13bfe9,2024-05-15T16:40:19.330000 CVE-2024-41990,0,0,a9d3bfe1152ea007eb5df4a4d15c3972fabe2ab7cf6c4dc84957655472913a10,2024-08-07T20:49:50.480000 @@ -258340,7 +258340,7 @@ CVE-2024-42008,0,0,239b4738ade78ee5cb428e4f0bc1011e17071df970bcf82670ecd9f70d12e CVE-2024-42009,0,0,8775464dacf05b07f164d9bf135cafdb2ba4b40a363a5d9db69127bd2ae3f95b,2024-09-06T21:50:47.813000 CVE-2024-4201,0,0,ee0badf63a3e9c653031fb01c45e3bab9160ffb251dc5a875d128957347bb089,2024-07-18T19:39:50.667000 CVE-2024-42010,0,0,f347d4c1e17b119f6d9851ca0a7b1b017e286c890135bf10b6afdc7ab31c6734,2024-08-12T14:15:07.370000 -CVE-2024-42017,0,0,a768ca4e6eb2a9ee07a537925370a935e6b04778c28e2101328d3734d63b13e8,2024-09-30T18:15:05.827000 +CVE-2024-42017,0,1,7f9a4913b1239026519e3fb7d6fc6d114e8e4e346f101e97cc1469132655da88,2024-10-04T13:51:25.567000 CVE-2024-42019,0,0,00604c99ddf544da3b62d7a84887b798a81cb0c15ced1dcc5fdbfa92f5dd8022,2024-09-09T17:35:05.247000 CVE-2024-4202,0,0,614a40ef1052d861451b397b9533024f5e9aecccff7f20e945fab06926a9f188,2024-05-15T18:35:11.453000 CVE-2024-42020,0,0,37c4c1406166ec6fd5ab227fac5e61169cbd195ea42942d8bd175d493c4f9eb1,2024-09-09T13:03:38.303000 @@ -258677,9 +258677,9 @@ CVE-2024-42408,0,0,4d58de4373d6b44540fc0d8799a258082f4b72e8c10ed3de4134395815aaf CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000 CVE-2024-42411,0,0,3fcf900cd705b45045cb94d8edb3d48eeb6b58809490fd9c74760d8ca62aa9ff,2024-08-23T16:04:26.227000 CVE-2024-42412,0,0,7ea410a30890f641de68bc8b7a39cf35396bac17868b4fd498b764e1359ef0b7,2024-09-03T14:55:58.757000 -CVE-2024-42415,0,0,307336d602fc49595d8f1df5740f2331662e3e852bd236907d464db8c01913a3,2024-10-03T16:15:05.867000 +CVE-2024-42415,0,1,f420dbf6cc80ee8daea3fca95cf54104d81600340b55e33b3ff7c2887daa8b3a,2024-10-04T13:50:43.727000 CVE-2024-42416,0,0,0c0ba6b9334c7e838b8d455f49871ca47f5d5630f34ccb39214f945ba545086b,2024-09-05T21:25:09.273000 -CVE-2024-42417,0,0,5bfc3cef962b77f1b69db1d9dbc21d8fb916ae4b02ef0340a97d2a2475fef7fa,2024-10-03T23:15:03.230000 +CVE-2024-42417,0,1,8660869e7d647e076081f912d324d74513810cf39fc8093eae3ed61cd759bc24,2024-10-04T13:50:43.727000 CVE-2024-42418,0,0,1170a194d58fc93f3e0e1a535dff12de506530448528f0fff3eaea817d001f8b,2024-09-04T18:22:22.583000 CVE-2024-4242,0,0,9c58e9b9e77452c845f3c5179c3be4415982efd0430d3da14ab0345d444eccfb,2024-06-04T19:20:33.363000 CVE-2024-42423,0,0,d28867b0d8eebf1aff8bd3b42424cd5e577a7dd9340d9f0359d41e2fac4ef5ea,2024-09-20T19:42:20.417000 @@ -258745,12 +258745,12 @@ CVE-2024-42500,0,0,f0bcaea9090b49f77db24a21554ec397886059105966434018e3d2adca5c9 CVE-2024-42501,0,0,2d6a46c355be0708ff7db2c58107fc669881111adf034802ab42261dde0a7bbe,2024-09-20T12:30:51.220000 CVE-2024-42502,0,0,dc558fbcb98c4923828f8e84e6ebec0b3f2c4f3485c85f0b247c32accde91e11,2024-09-20T12:30:51.220000 CVE-2024-42503,0,0,e0dc0159de5f49231357dfa2934c139a99d8affdbb90e51a7bb34e8b710af689,2024-09-20T12:30:51.220000 -CVE-2024-42504,0,0,51b7d95efbc2963f36d31286446cf06b9e23f8a2a06ee1bdca6983e1acc4292c,2024-10-03T07:15:30.793000 +CVE-2024-42504,0,1,73b4e7fd81224455554066b5ec07433b0220ee7fb806342f0ac78737756123c9,2024-10-04T13:50:43.727000 CVE-2024-42505,0,0,2fcd58f857ce6c82725ed74b63d72047c82b9583f361cc1246e436db45ee28c1,2024-09-26T13:32:02.803000 CVE-2024-42506,0,0,a50836bc4b1264acacafbcc6caa08df43b3dfb5e0abc0c4e6db32750472d07f5,2024-09-26T13:32:02.803000 CVE-2024-42507,0,0,b57055df85850f2ee370e2a3273bd68424b888342bc78e94d00bb509124921a9,2024-09-26T13:32:02.803000 CVE-2024-4251,0,0,4911c8bef2a1e60ace7e3694403733ed66cd48ed80870211c4240e0e24584389,2024-06-04T19:20:34.297000 -CVE-2024-42514,0,0,ecc4b0ee83051111d5b9bab0b8f6e301f609b5df36b98087eae6263fc7fe5edd,2024-10-03T16:15:06.093000 +CVE-2024-42514,0,1,d460cd367675411d3193c035edb4ace972e8999ec2b2b6e4b9b5ffbca01abf03,2024-10-04T13:51:25.567000 CVE-2024-4252,0,0,9237a844d9d9b4c175441eb52c39ce07fc14167f47531df4616e5c1079e2e93b,2024-05-17T02:40:21.053000 CVE-2024-42520,0,0,64dffe6569e4f4099d9df2249ffa95a5cd3b2fdfe3c5c543c43632b62f26d14c,2024-08-13T15:35:16.110000 CVE-2024-42523,0,0,e7f13531824456b37c381b164195bec4f01c74ddaa27da31139f6cf4c536fef0,2024-08-23T18:35:03.563000 @@ -259334,7 +259334,7 @@ CVE-2024-43690,0,0,d9d35b70595ee9d0c288460e486611e2e8293b6f0702f7c86364e442cd641 CVE-2024-43692,0,0,dd90c0c7ec0961e33104688c3a64f24371b069eba59a503241b07b01ecbb28f7,2024-10-01T16:22:38.197000 CVE-2024-43693,0,0,86a2418e4d1748f5ff1d2c010cf8ecb2f43f15c3955c5a628ff84ac9fa94c8a2,2024-10-01T17:17:16.107000 CVE-2024-43694,0,0,434bc8cdaf2a6d1396d2d645518686d4cc41f3871d28bf2405799bf16cb88062,2024-09-30T12:46:20.237000 -CVE-2024-43699,0,0,1f66e4de838782aa8b297bb5d7c5a38293c1fa130a8750c730cdece4a30966af,2024-10-03T23:15:03.490000 +CVE-2024-43699,0,1,4d60ae2180dff9e5ba523da14f3f4e904598419f7f034bcb749e2359b2c50ba4,2024-10-04T13:50:43.727000 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 CVE-2024-43700,0,0,7d9ad3bdf541499d627305e5fd2f4d5ebf1292f98ea79760d8a63eda3d4aed15,2024-09-06T22:52:41.727000 CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000 @@ -259368,7 +259368,7 @@ CVE-2024-43791,0,0,2bd2bc46ca8d9e06de5a015638de614e582ba6d4dc15a542dfa7ce0b054d1 CVE-2024-43792,0,0,5dfd532d611c334ef7463fb3ed0a1e3a14dcc1ccfb2dfd854fb0c34158bf7c9e,2024-09-16T16:26:18.063000 CVE-2024-43793,0,0,28f7d2c5a02a2888bcaeed49e9492d6763c121916beec115ab73cecaf6424a4a,2024-09-16T16:28:45.233000 CVE-2024-43794,0,0,012282e0e09ace65c9817dd3efc52ee0130360e07c8e8e9b08cf3adc91c29f00,2024-08-23T18:46:31.730000 -CVE-2024-43795,0,0,140767f13fd56195dfdb66fb95db1887e327f1b6b557d7c3a173eab775283461,2024-10-02T20:15:10.927000 +CVE-2024-43795,0,1,e58ab49b488a183a77cb69f760fb24128a62f55f2417060e474a61f5fb5e6eee,2024-10-04T13:50:43.727000 CVE-2024-43796,0,0,7eab0f98e9cc4b529e67976e2e3e5108a50bbe0663aaa9206477dd6bf141453b,2024-09-20T16:07:47.997000 CVE-2024-43797,0,0,93bf50c44e46a55d09c378845b20b036c0751fae29a6426402d2fc53d3595af8,2024-09-13T19:49:33.803000 CVE-2024-43798,0,0,0f4c51b4b2459096a21f79a4c43df1119a11b4e9a3f2bc6fda3ce5410f7de574,2024-08-27T13:01:37.913000 @@ -259551,7 +259551,7 @@ CVE-2024-43978,0,0,b84c789c57b2300e5e696cc4e44909900a0446291c850df47c011342afd92 CVE-2024-4398,0,0,fee297010492d7a9d0bd198f00369fbc7ee85eff508879444e062d535e0abd54,2024-05-14T16:11:39.510000 CVE-2024-43983,0,0,8ea56144e7b46aa8d46319391d511f11093468f3fcd70ebf4dabea21dfbfa0ca,2024-09-25T14:11:22.450000 CVE-2024-43985,0,0,b30648ddb1d2b11b33385d41d42e62d1ebe2261e3847ee7222ca30a44e15ddae,2024-09-24T19:33:16.910000 -CVE-2024-43986,0,0,9478adfda55868d7b94f2eea7c2c936b95469666be97191a74de84a03c2187a9,2024-08-29T13:25:27.537000 +CVE-2024-43986,0,1,5efaf977320cbeb2ee7ab2a0d0a051c6a0e3aea03f2d6530f85000dcba818978,2024-10-04T13:22:56.253000 CVE-2024-43987,0,0,e42ccbdb2b94d874179a0c5a29e5439a09d4ffe036d9ba2323192b8072b93dd2,2024-09-25T14:08:22.987000 CVE-2024-43988,0,0,43ffe19e41988c419aca249be075847312c9c8cd41c433297d22c781cef44325,2024-09-25T13:55:55.460000 CVE-2024-43989,0,0,1a85c24240c6bdfd83d9fcbb97fb612a96b9509b4e451b5893b3836ea34cf124,2024-09-26T13:32:55.343000 @@ -259574,9 +259574,9 @@ CVE-2024-44007,0,0,d7d1930aeec9d62758ccc2ddf09e21d07c0b586fa0d9735f7d5dee1a37d78 CVE-2024-44008,0,0,c6d2b6687f1293a95753882058aa8ed47455c99d54b3161e64050d330a139582,2024-09-24T22:08:01.060000 CVE-2024-44009,0,0,5b0cf6c82d301fa9d5358bb5d9e7b1a016eed523b7e9c7d9c1329e61fba4852b,2024-09-24T22:06:15.843000 CVE-2024-4401,0,0,48f8e641129f81284635fb93c6fe88c5c5fc547b585fa75e650b46a3bc3c0b8f,2024-09-04T14:33:01.807000 -CVE-2024-44017,0,0,3bb0c45cc5e3bb81d1e2b53c5f1646565fa179194ed0162746b8aef745eb9ec0,2024-10-02T10:15:04.113000 +CVE-2024-44017,0,1,937994d70d4da29139a5025f31ebc224350831fd4a4cb0a9e48d092a036cb87d,2024-10-04T13:50:43.727000 CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000 -CVE-2024-44030,0,0,6717eabe00aa50c889567d91f0e2fc09667c070e46ca38dc26015f03b8734395,2024-10-02T10:15:04.340000 +CVE-2024-44030,0,1,48caa9b09f2544567a2401b7b31ebbcbe3a68bebf3fb3629080e335c2c413f92,2024-10-04T13:50:43.727000 CVE-2024-4404,0,0,3ae3ea086edb9bd484931090d5df4b9ee138a4bfd155faf3c535f115da6a15de,2024-06-17T12:42:04.623000 CVE-2024-44047,0,0,dcb68301e676e70a82dc46628c9493a0293e3e08d4f537ef9633f5a0b67d56b5,2024-09-24T22:05:25.723000 CVE-2024-44048,0,0,e9b1cc8fc597060cfdd72752b827b4aa13d91f1cd6810edba590f679e79cd789,2024-09-26T13:32:55.343000 @@ -259611,7 +259611,7 @@ CVE-2024-44093,0,0,6e42d0c910911c845327d3b84b7e4c2d7f7d958e5900913b50cb61055b864 CVE-2024-44094,0,0,745c42fe2d315a5bcee63bacf45ed85a137f90126e69b7519e917691efb9901c,2024-09-18T13:37:12.887000 CVE-2024-44095,0,0,e0006363027abcd9487b2555f5c10f6b2763af7e9102189a399193814a56d2b1,2024-09-18T13:34:31.617000 CVE-2024-44096,0,0,d8c4df36682fa8ff2c29981f1e88279da6a08cd48c4fd6b3719d80ee95e04fe2,2024-09-18T13:33:37.863000 -CVE-2024-44097,0,0,f41d5fa67208a9b458a91150035acf19555d230546c738fc3f37c0daec84b350,2024-10-02T17:35:15.257000 +CVE-2024-44097,0,1,965cf9d05fda49947baa77cde6164ca7e937d7f38563ab41cd3e9e9bd0e5a36b,2024-10-04T13:50:43.727000 CVE-2024-4410,0,0,ca43b98286a78ab63b5139b50b93fc074ee9aec4c16e78097aa3514c43622322,2024-07-29T14:12:08.783000 CVE-2024-44103,0,0,709653e0e681c50169d2a31a1ca4fa07ba0b9e103bee0789c715365497e0794a,2024-09-18T17:18:39.040000 CVE-2024-44104,0,0,929a3e88a508b197778cb9d698752e7d95d2a1fd6ba54e089d4187ada17accb8,2024-09-18T17:33:06.413000 @@ -259678,12 +259678,12 @@ CVE-2024-44189,0,0,e2ab737161ad2da12e67ce91184b5117737604e14075d78e50c43a3e20db6 CVE-2024-4419,0,0,918f3c0166609f9f9b771eac1f6aa12d317d90973a2d5ca4b8b94efa19c28169,2024-05-29T13:02:09.280000 CVE-2024-44190,0,0,5081ce2fbdd1649caaed595db236986bbee24e3cff5adfb1ad5f115afe6eab20,2024-09-24T18:02:25.313000 CVE-2024-44191,0,0,fd90f1ba5d10f528b1625af58577f983572aef3fdc720edeeb57922b3d21d47c,2024-09-25T13:24:42.380000 -CVE-2024-44193,0,0,86c31c60a8f8d8916de9fbfb73f557b7282fcd5e1eb63c6a82bd2ef47addde45,2024-10-03T20:35:16.860000 +CVE-2024-44193,0,1,f17ea6ad74232cbfafb0dc23bcf4b401977d8786ab1d3a877fc57ebc775c3168,2024-10-04T13:50:43.727000 CVE-2024-44198,0,0,a791372ee4d27381da793bfaa9ff3602c34f52c134516fb46328053cb2cef47f,2024-09-24T15:45:32.787000 CVE-2024-4420,0,0,02a774e6911ba5e1ba33187a3301eb3f9ee3d8fd212c89cee791dd002410f381,2024-05-21T12:37:59.687000 CVE-2024-44202,0,0,e17cdcd52ced4944b3cb8ebf1e0107ecaca0e3b137318260a8309f5868dfd271,2024-09-20T12:31:20.110000 -CVE-2024-44204,0,0,193c39609c9e61f55cac11dead13e4f2ec2016aeabfc3e049a0e519204131a43,2024-10-04T00:15:02.467000 -CVE-2024-44207,0,0,d2c06d4b935e77a9cb0b5f7345401cf4a01a1e7b350983ce54bd96acad9faba8,2024-10-04T00:15:02.637000 +CVE-2024-44204,0,1,5c42a33cbb614c50576996e49a30f0ee4a64de250131c7a46c47c611a1841b34,2024-10-04T13:50:43.727000 +CVE-2024-44207,0,1,0ffbf417eab2790c4af99a693d2a0a4c5f0683e4e19d0c0e6b2332605b9efb4e,2024-10-04T13:50:43.727000 CVE-2024-4422,0,0,19c238465441950f6a856008185dbc8a7b4e94407f1040ce4816040c86860490,2024-05-30T13:15:41.297000 CVE-2024-4423,0,0,0715bc9caf3e0b170ca2968c721bdd1e236908d8891315bb75fdf772bdc9c875,2024-07-03T02:07:32.943000 CVE-2024-4424,0,0,f0ec85c26b242f03f1dda01796c703344a9d3cb93681b5b37fa83e955b9558c1,2024-05-14T16:11:39.510000 @@ -259770,7 +259770,7 @@ CVE-2024-44589,0,0,67d52b979dbf84795ff1b1a6445da43c9d3cf1ac9141ab2287575f9704bf9 CVE-2024-4459,0,0,b17743adc54c2996e578e7c399fafb8182f2604175c352726fa92e67f639f3de,2024-07-24T18:00:21.097000 CVE-2024-4460,0,0,91888f8bde5a4d48a24dfa2195fe74c4db2ec96b9dcf1f6b0a4392132da82baa,2024-07-17T11:15:10.240000 CVE-2024-4461,0,0,51250da8bcd9ecf720caf9f3a7efd550d6e47af21e57f982fabb8237238dcfce,2024-05-03T12:48:41.067000 -CVE-2024-44610,0,0,d1a5ad8642b14d9c678d37711b95729790d0ce9ddce47b7569f0eb14e24ca8dc,2024-10-02T06:15:09.210000 +CVE-2024-44610,0,1,04bd20e65597a0e47eb48d662767349876511b643e2309be49dec3988931a8cd,2024-10-04T13:51:25.567000 CVE-2024-4462,0,0,7de1c10fc651b37d9659e3e60da12a8c072b437874aeb6819554614b6acb9a58,2024-06-04T16:57:41.053000 CVE-2024-44623,0,0,be0881fa228aca782008c2748d4b046bd517031ec8a03bf9e09823e1f811d2b8,2024-09-25T14:53:20.253000 CVE-2024-4463,0,0,697d96b65b3f5bb41384b58e0f6586cf3caa8378b8edc45503427d4f5bdd2d8e,2024-05-14T16:11:39.510000 @@ -259801,7 +259801,7 @@ CVE-2024-44728,0,0,cb7a7604dfcd48f9cda73a0c69d9a24576616f565cbb7b44a1dd956c1a254 CVE-2024-4473,0,0,8a0cf4a98efdbfb5770862e11c920028f2e3a9a43c44eb843685fb5ef0c3f72b,2024-05-14T19:17:55.627000 CVE-2024-44739,0,0,48da2c283a8d53275b8fef0ca13127577bd8ad3471472700794962cf357a3ab6,2024-09-06T16:46:47.907000 CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000 -CVE-2024-44744,0,0,2cfc69cf96d0f6d6bf0cafff4131548c736f85c9575c6e741792a6f3559eb74f,2024-10-01T19:35:08.023000 +CVE-2024-44744,0,1,43015c41271252641ea2f881ca4ade7f1614da67e3e6de0e2e1c645ebe65d431,2024-10-04T13:51:25.567000 CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c08e,2024-07-17T02:47:07.620000 CVE-2024-44760,0,0,0d252ff08482783aaee88c027910c09101e7f32f15f52b69e5e2b4482012606e,2024-08-30T15:55:41.137000 CVE-2024-44761,0,0,2cb43df04a70791b0f0fb8982142da3403b663e9582e8c16ce12d7edd85714da,2024-08-30T16:00:30.557000 @@ -260007,7 +260007,7 @@ CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a CVE-2024-45063,0,0,33e08634550506363c06b675c8eebdf6582cbbe73548148f8e40aee753dad000,2024-09-06T17:35:18.370000 CVE-2024-45066,0,0,a454e9ceebd31b55929c2c0a2d42869872cfc6fb29fa46b222f3049d82b952e2,2024-10-01T16:18:10.680000 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000 -CVE-2024-45073,0,0,b7b59b87b4dc7e743f6dd0c11e31adccc6e7447428e451bb0d90c03286b636f7,2024-09-30T22:15:02.703000 +CVE-2024-45073,0,1,e6a4e9e5d55d10a2984ecf959bd3646673680e37d22c364c1249e301fdb07f55,2024-10-04T13:51:25.567000 CVE-2024-45074,0,0,410d152e2b1ce535bb792f747dab438d63c99a6f6d04953bcc95f60bfd46ac78,2024-09-06T16:45:32.767000 CVE-2024-45075,0,0,72725abf8f0bda55b265624cd19c42b954d17e9672b7c19951b6fe04531ef578,2024-09-06T16:45:12.980000 CVE-2024-45076,0,0,5fb321e82c08a6c58252337bee6e5fcb4b13786a863fe8ca643f04e713d05d32,2024-09-06T16:44:52.310000 @@ -260056,7 +260056,7 @@ CVE-2024-4518,0,0,64c3b6e6e74f6d9fd929463119875b686279109a997143c5dd3ad8e2c1af13 CVE-2024-45180,0,0,08348c7b1382a66372a71879585bc4b470bbbe0e7bc2a628091dcf790778caba,2024-09-13T19:55:54.477000 CVE-2024-45181,0,0,c1b3f50892c5ad2964a42f2f7c4bb1e591fc78d268d80e02244df3b7c3d3d502,2024-09-18T20:26:26.873000 CVE-2024-45182,0,0,9a85c862314a6425e6060387f72c5f336d253a6faf88611dfadeddbd5da8c540,2024-09-18T20:26:11.023000 -CVE-2024-45186,0,0,dd0cb6069a7a3676314323dba5e5a8af7d4dda1193d70390cbae04ecfb4affaa,2024-10-02T14:35:06.610000 +CVE-2024-45186,0,1,77c3f8977c3993383fb80894e402f55d5d22584cb41b5e73c31c8d88ae8792cc,2024-10-04T13:50:43.727000 CVE-2024-45187,0,0,b29c34a9281e147a1f2b33bdd2a8c272cd39081d36dd9d0273787cf191e54024,2024-08-26T12:47:20.187000 CVE-2024-45188,0,0,b715e0fd98dc9de103c52fc47a055822268226fc14af5f0a01f3a3eab3db9def,2024-08-26T12:47:20.187000 CVE-2024-45189,0,0,b34fadec0fb3db465bf6b7b191f2d87a7b9589d6e1c6f03c86e02522d36fb854,2024-09-12T20:42:30.850000 @@ -260137,7 +260137,7 @@ CVE-2024-45348,0,0,f8397568e636cad274a96a56fcdbc01af3feb6775d5986faa9442985588b0 CVE-2024-4535,0,0,87b4b5e0787ea182ddd9c6fa8e26c59b6c616e4e57e592ee0d6f169678ff9b64,2024-05-28T12:39:28.377000 CVE-2024-4536,0,0,7a5702ddadcf7f48c7c82ca09978f30e343a6d4f259e12cc6fa88068d1723500,2024-05-07T13:39:32.710000 CVE-2024-45366,0,0,ec78c74ac351c22ffbb4e903d91259c92e90ebafbe4e65694c50f7e794cfe1f6,2024-09-20T12:30:51.220000 -CVE-2024-45367,0,0,8533d46a9748af0946f00d524331a57f573a216e018a440acd4c99d06495dcf4,2024-10-03T23:15:03.737000 +CVE-2024-45367,0,1,0526dd42b9c0023f20e47a4f54c9654d233f5749bdebc7d801bd56814bb66464,2024-10-04T13:50:43.727000 CVE-2024-45368,0,0,563bfc1ed8b31a23579e2f54c884aca7d778495c2d744e0c86e6262fb50de16f,2024-09-14T11:47:14.677000 CVE-2024-4537,0,0,2e530ca2c49a8373646367a8e0c1771a783669d0151f9600cf6b8a99b12e73b9,2024-05-07T13:39:32.710000 CVE-2024-45372,0,0,0a1d0605c681771c6729a3a683574f05f2ef151ec9ea8ead25b225094be60f44,2024-10-03T00:34:04.693000 @@ -260163,7 +260163,7 @@ CVE-2024-45401,0,0,954ab622986edfe93d770dee5aae8a96aecaff4645097c85021d65007f0d9 CVE-2024-45405,0,0,fcb9dae5692e8d4d27671ebdd5ac9faa600b717293c20df4e46e96d26ca1730f,2024-09-06T16:46:26.830000 CVE-2024-45406,0,0,fccecd6532f18f7e1ea06f6cc62abb2faeaefa7fcd57ba441a0597b2a31370da,2024-09-13T15:30:45.380000 CVE-2024-45407,0,0,761b4924e4b46db1752cf42f388ca76c7e573211ea8b116cb02c0d2e460e33eb,2024-09-20T16:18:46.717000 -CVE-2024-45408,0,0,a753e56cff25d11b212cbccf7089cadb772816b53994d3e53bfae41c7a0b3c3f,2024-10-01T15:15:08.220000 +CVE-2024-45408,0,1,8505472fa7130af4861a076a5776bde56f8989568f3e93d667d6fd574cf468e8,2024-10-04T13:51:25.567000 CVE-2024-45409,0,0,8d3455cc5d06aa00e7efc9d2b07d7d23ff8f7e545f196a7071950bdb754db616,2024-09-20T14:13:10.700000 CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000 CVE-2024-45410,0,0,aaed882cbb27e3b763a7cf27ed0a68c177e01a433a2f2467dda1cd610cffbe15,2024-09-25T17:39:08.033000 @@ -260218,7 +260218,7 @@ CVE-2024-45507,0,0,b2cf0920dcb75db868de7b4afd51449cea360da72164b9b7e7a575176b0c1 CVE-2024-45508,0,0,a7bf13ff5f2bf318e53d0cc8b12c1b5ac7eae45f1991e7b683a2e3673a166bb9,2024-09-04T16:44:08.247000 CVE-2024-45509,0,0,2da4a07b41eb99a3059398ff74aeb7ba3be7995744fd94f415c5c3e9d41f0b5f,2024-09-04T16:45:08.597000 CVE-2024-4551,0,0,f0a0f74f6dfab215971682e84a8c3d35d9da568954bf14d9189d7462b5493bd2,2024-09-20T00:24:08.597000 -CVE-2024-45519,0,0,021f4b4810f19526f974269fab6f407da5d548e97c4b401f6b15650d96befc1d,2024-10-04T01:00:01.317000 +CVE-2024-45519,0,1,9da5c28f4ec1766a21b440d652d81cb9f5eef19fe1494e1b31f709acc5d00966,2024-10-04T13:34:19.720000 CVE-2024-4552,0,0,a910e848f992d4848b5a9057809234cfe8833a167abb01396097dc34db4ca3d3,2024-06-04T16:57:41.053000 CVE-2024-45522,0,0,cfbe5f5b4866198ecf4773ddc4ec07a576ac517554c3c987f558bc88648f0e9a,2024-09-05T14:29:32.737000 CVE-2024-45523,0,0,e7d93fa702fd02b5bced215282921c641c45ca521a1d9282d8eeca5a4c9e6cac,2024-09-20T14:35:11.523000 @@ -260299,7 +260299,7 @@ CVE-2024-45769,0,0,8008e87928d7d924cb6edc7a002ab7d174233b35bc221ee2578339101437b CVE-2024-4577,0,0,b55cac970df35b2daf21f1bc20cfa9dd0965f08c49eae1007fc9a139f9980913,2024-08-14T19:23:47.253000 CVE-2024-45770,0,0,e98fab17d907c24beb2a28773665764214c6145643120e7f9304697540dec889,2024-09-20T12:30:17.483000 CVE-2024-45771,0,0,754a0f27219aa2eb6179ec627ac31099e8e2882043a643cfa7921ddb03dbb66f,2024-09-09T15:35:11.567000 -CVE-2024-45772,0,0,6555d43da9bfa4c08a055fabdfb02970bdf58ae6833a8d9c15b564b7914c2669,2024-09-30T12:45:57.823000 +CVE-2024-45772,0,1,d4fcff511ac9c702d11d2981d4f53f578a5b533222a07c5c21d8a62a8451fded,2024-10-04T13:20:58.327000 CVE-2024-45773,0,0,fa80a32ca25578799d772108a6e7f2b87164fbdfd3820c41dab7e96e6c83084e,2024-09-30T12:45:57.823000 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000 CVE-2024-45786,0,0,1027a4a71b54e4ed926e7c4d82608ed7bf7290e7e8486a1ac94d8f7e4edfad02,2024-09-18T20:12:47.337000 @@ -260308,7 +260308,7 @@ CVE-2024-45788,0,0,7ba304e58f1e132a77e708ed9119516e49dd167750ae6faec1e1736fde9ea CVE-2024-45789,0,0,85b2a3e63aad506ab70a8ae8f934d73422c76c344971f05123a4397c0e8661da,2024-09-18T19:55:58.287000 CVE-2024-4579,0,0,b44e5adee861e75c9f2de9111724b513cf79b7a7dcd7134192d107fac1782253,2024-05-14T15:44:07.607000 CVE-2024-45790,0,0,339d5c59c4b08184225ef02e77057a5607db1e407fbacc8325ce6de4811d4a59,2024-09-18T18:38:04.393000 -CVE-2024-45792,0,0,947068631992489b1e5c8dcdbd9edac120db450a688e02f16212740e6b819b6c,2024-09-30T15:15:05.830000 +CVE-2024-45792,0,1,5abb7de999f910eaa61796ecbea33f574a65653e2aa062ee4c5c2e229e356bd5,2024-10-04T13:51:25.567000 CVE-2024-45793,0,0,9df195d476b9f18fe89dd15d9de75cbf87671a956c83113b39ce1c0cbc87094f,2024-09-26T13:32:55.343000 CVE-2024-45798,0,0,36d6c14bd6da02b6f563e24f34a8e0ae70f5e9226b87bf40201ee0b5fcb96dec,2024-09-20T12:30:51.220000 CVE-2024-45799,0,0,57236f37d51cb52dc4abff4e8ae9968f58089f5668de4fddcdb24ddcded04f03,2024-09-20T12:31:20.110000 @@ -260361,24 +260361,24 @@ CVE-2024-45861,0,0,68a3e8fb3e4597c61c4db5f65fdb33d3d4021e79b4a5583c113ba868c0e19 CVE-2024-45862,0,0,a441a246649880078e2d6011e0d9789b5a78013f3cf95e46c30715bdc12df7ad,2024-09-30T19:33:30.750000 CVE-2024-45863,0,0,fa53199e81e1f2d3cad3f37b555d35fb431e4ff73450f766bc0b9224d0bde527,2024-09-30T12:45:57.823000 CVE-2024-4587,0,0,ccb551f2bab92e34c98709c8a5231b1e8778dd90f0d16bd4ac4c665438d47b6c,2024-06-04T19:20:43.057000 -CVE-2024-45870,0,0,1f712686d791261b9b8bccb48bf7f2978a01ec5f132459401446c6c8b13d1ae8,2024-10-03T18:35:08.207000 -CVE-2024-45871,0,0,da797124e1a085e17df8e4e291e7d94a55c93ed66ba9b9ca1409ac679e8158bf,2024-10-03T20:35:17.033000 -CVE-2024-45872,0,0,c06e1a1b8a2993f9bf1ef47300048a52bffb99fa8bb45aa4cbf72cb62d5154fa,2024-10-03T20:35:17.843000 +CVE-2024-45870,0,1,f92d175154659b1ccfde1cb7d2443c500aaf2564bba36f9202b2dbe5a7292031,2024-10-04T13:50:43.727000 +CVE-2024-45871,0,1,728c8e6e25f852a5194b96b816339c6dea2f278495c76d4d9d6d904a9357f28f,2024-10-04T13:50:43.727000 +CVE-2024-45872,0,1,8e87b92fe22bbef6284d58a5e62493b4717b48305cf479255ef9a674e1d360d9,2024-10-04T13:50:43.727000 CVE-2024-4588,0,0,9198a141cbfd67d79271a90e0ce19e828dccb043a1ec84b18e696744e0f31db8,2024-06-04T19:20:43.163000 CVE-2024-4589,0,0,4328e8e6c3737b332b5624dfb7ea03e7812e5262794529580dcb4596fe3e40c9,2024-06-04T19:20:43.257000 CVE-2024-4590,0,0,8ca402987898b35fa6dccf6a68bedf09dff404f8ccc3b30e4b5d3617c810458c,2024-06-04T19:20:43.350000 CVE-2024-4591,0,0,932b05f4c05f6cec282455aa1d3695481031502fa6f9d1dddbe95851cbcfc0be,2024-06-04T19:20:43.450000 CVE-2024-4592,0,0,14c53bd50ede1a956ff9d7a3d25f38fbc0411a373abc96f1d6d1bef77fb32c4e,2024-06-04T19:20:43.560000 -CVE-2024-45920,0,0,1603368018598f68b5023b023b64068849128d766e08c06a3393721c2c45efb8,2024-09-30T18:35:07.773000 +CVE-2024-45920,0,1,ea56e67e89fba77fab53ce0c18965669797ee29dd0e8472343575caa10980571,2024-10-04T13:51:25.567000 CVE-2024-4593,0,0,94ecb7e459fb704ab815ca1814a0a7a4397cf6e067d30b0e365dc0bb2101508b,2024-06-20T20:15:19.237000 CVE-2024-4594,0,0,6353480e983dfe68c6b174c583e75b67b6ebde5befefc4e80bf75a35aedb2302,2024-06-04T19:20:43.657000 CVE-2024-4595,0,0,a34d956039b7343ba69c0066573aab0165928a92f89b42d7c5d672a51296492e,2024-06-17T19:15:59.063000 CVE-2024-4596,0,0,dbe0fd0eb8770735bec19f4c23a1e0e23418b2478aa147d47acbafa8a1854f1c,2024-06-04T19:20:43.750000 -CVE-2024-45960,0,0,f128b292b8e3dbd70884206ed09a552ac71b395ee0665ca5144a34a39ccaea1e,2024-10-02T21:35:13.667000 -CVE-2024-45962,0,0,2a38723a45f54cdffe1e10ae5c46d179983be38b2bce9ddbc5bb297f24c278a6,2024-10-02T21:35:14.483000 -CVE-2024-45964,0,0,6a0109e6ca2f96c94e2ae680a4928adf7f51b5811197734b7604fcccca98193e,2024-10-02T21:35:15.363000 -CVE-2024-45965,0,0,4bee5356ab6f6429ec4b8d380cc644d2b16616c2099f51c7a113904e366d6e6b,2024-10-02T21:35:16.147000 -CVE-2024-45967,0,0,34e7fbcc53b37a4a2d435b948ca8b7adc5a94a5464dfa2e754fc39d24c1f4463,2024-10-01T15:35:14.153000 +CVE-2024-45960,0,1,d6abae379e9e9c51c8d55d00b2041f6c01d4089ebb39e6f4c0aa02e3bfda222c,2024-10-04T13:50:43.727000 +CVE-2024-45962,0,1,410a38ff5223f4d49bf1514b127efbec05a242aa992c767afa2b00b3754e2ef0,2024-10-04T13:50:43.727000 +CVE-2024-45964,0,1,115c652e0870ab8284554895b46caa73ee13878a3a483a4a0704cf316ae20802,2024-10-04T13:50:43.727000 +CVE-2024-45965,0,1,337eabe224912cc2b0cbadda62428cffb8300aa00cac2bea6d6188e8e9c18de6,2024-10-04T13:50:43.727000 +CVE-2024-45967,0,1,6af6fb1bf8abc96b89a897208a34deb6484f333cf92fc60514a52d4661f8c7cf,2024-10-04T13:51:25.567000 CVE-2024-4597,0,0,098adbd2826136caa11e67cd45a2f45f6208425bc1c84711667f353f70d7a203,2024-05-14T16:11:39.510000 CVE-2024-45979,0,0,0482757b935fe16e8666637b8de38f7a7ad511da9e453512eb3d62b894d1236e,2024-09-30T12:46:20.237000 CVE-2024-45980,0,0,ded57935070da9b29c36c9f95713cf4ac252f503e27a31ee2114452772d0590b,2024-09-30T12:46:20.237000 @@ -260391,8 +260391,8 @@ CVE-2024-45986,0,0,a85d3ec3755f724362fff27a6a522f83d6b30d560b1ead4324df3dd3027d0 CVE-2024-45987,0,0,78f20ed33f2f525a22db6a5cf4bd6c14205c0abb553bb982099aff60afe849a3,2024-09-30T12:46:20.237000 CVE-2024-45989,0,0,ab3f6bd3392b087dcb35df06d536b3edd1a33ced94d9672493bfe0cf20988e7e,2024-09-30T12:46:20.237000 CVE-2024-4599,0,0,97a585846a1cde14c82c7df8029410945eada1b1651bcc856b8e29367f63ecca,2024-05-07T13:39:32.710000 -CVE-2024-45993,0,0,e26b64fa81fc283c963e728220ec6b219796ae3f5c14eda623f46362e541d825,2024-09-30T19:35:05.410000 -CVE-2024-45999,0,0,4a0e2d6b9b706a9c04f96309d805e7a6593b35eaced1e9b7eade5f19e1c83601,2024-10-01T20:15:05.390000 +CVE-2024-45993,0,1,350b08a6cc2d250cbd03f88d3d0b93865e2ed8a596686ac9cdf0d0569cd66a5b,2024-10-04T13:51:25.567000 +CVE-2024-45999,0,1,070ccfeaf3477e0a4deaf7c3e9f9cc22e2a82daf560b2c67dad6fb67ba87a9d4,2024-10-04T13:51:25.567000 CVE-2024-4600,0,0,078ff1a3ce0c016ebe4abdef878e85c422e5d3e27f924ee561699d3a699695bb,2024-05-07T13:39:32.710000 CVE-2024-4601,0,0,f0cf92b01a71b6ce5239836875c0fea83fe5cefcc9c9a95787d845c600418862,2024-05-07T13:39:32.710000 CVE-2024-4602,0,0,2d8504f508e1d4f718d8c666850c307b85c9596de2a8b2f0ab0bc138c9da4ca4,2024-08-01T13:59:32.233000 @@ -260407,13 +260407,13 @@ CVE-2024-46049,0,0,39c19419297fc26bc1a072b6b6a8ff9ba0434b8f7cc74fa3a910df77355bb CVE-2024-4605,0,0,cc5939dfa5bb0891c69db66e562cc6696594a6a88efe746332f5ec8ead5152ae,2024-05-14T16:11:39.510000 CVE-2024-4606,0,0,f985d30934b7c1f8930bf2267fb972a68a7301f3b4fab17a99fda7060e053c79,2024-08-28T08:15:07.093000 CVE-2024-4607,0,0,26d7fb8a60d9724fbac67d9d15e472fd268b8645ac384c2f62b0c7323928361f,2024-09-10T15:03:24.710000 -CVE-2024-46079,0,0,de738a0bd882f39ea47b8b780287948857238b9c551e4d68f6db004a475649c2,2024-10-01T20:35:15.110000 +CVE-2024-46079,0,1,21a745583a04ce8e53d78c79762844af650c3ee32ceb2470113c349418b02132,2024-10-04T13:51:25.567000 CVE-2024-4608,0,0,6b948b515db267f779f431dbe386ca01ccd7f50a9fc569455bb84149dca96357,2024-07-24T17:59:54.607000 -CVE-2024-46080,0,0,f0f886b5c60d620e0a3763900e062e8d713a9754171e96277dfc24d03f0b830b,2024-10-02T16:35:31.633000 -CVE-2024-46081,0,0,ce234681fd295fa30b0365e788d91f8af933d72fe65b9789b0e2a2d1afc6dfb2,2024-10-01T20:35:15.930000 -CVE-2024-46082,0,0,dbbad918d972834efcdd6cc5d1be5c5f58c54cd9d7a61b0321ac2e925a0ee93b,2024-10-02T16:35:32.440000 -CVE-2024-46083,0,0,9a57be1cd20a7d38e5aef4fd8fde4bd404240de87843aaaa1ae4ab3787c965a8,2024-10-01T20:35:16.743000 -CVE-2024-46084,0,0,1afba640ca072b9ac5b46978318c5ed068f301a6f2980e4922a8af26224f7bc5,2024-10-02T16:35:33.230000 +CVE-2024-46080,0,1,a4105e0b464dca0de4d1e54f88b52de989491386f4663108231c49b8d396548b,2024-10-04T13:51:25.567000 +CVE-2024-46081,0,1,33cee5a7bd504a3645fb4da83aa75e6325046ed55e20a14fe48de76d199d8cb8,2024-10-04T13:51:25.567000 +CVE-2024-46082,0,1,55c463c71dfefd6c2d9469490a69dc8c646a31793267f11d9a0fdb6e5ff4b7ce,2024-10-04T13:50:43.727000 +CVE-2024-46083,0,1,73f6a059a5ba6bc696db7247d8909675528ea79771aa3e324116789f85257d98,2024-10-04T13:51:25.567000 +CVE-2024-46084,0,1,b76e6b13523e15b76b374f65868a92b58cdd010c840abd828b2c93c894b78869,2024-10-04T13:50:43.727000 CVE-2024-46085,0,0,c40bf34999e41384db415b4f8361df5bc1a972c059bfcf483e35e9bef50d8457,2024-09-20T12:30:51.220000 CVE-2024-46086,0,0,504c7f52322e487d2224c0cc449e69a05fcab67f7a93912f7189c1bccd5d3802,2024-09-25T17:08:41.937000 CVE-2024-4609,0,0,b6f3fd3db9085553e8d026a562774e21d6dc7bb2eb7a9a6cfeb43138546783c0,2024-05-17T18:36:31.297000 @@ -260437,22 +260437,22 @@ CVE-2024-4624,0,0,8d5df292e17ba086eddadcbafacc529f2ebc3c5e49d7b6ea9488db217d3278 CVE-2024-46241,0,0,e8f867d722224165a0936937fdbb3a70034985bd08f25a28d6b30ab6a32199ce,2024-09-26T13:32:55.343000 CVE-2024-46256,0,0,3eabf4e0bd1ddec40016e8895217bf93aabad097691dbd82d3a7db1e6662a8b3,2024-10-03T18:35:08.983000 CVE-2024-46257,0,0,9ea0ad0f2e6865da2b0362a090cb21ce2a440cd52edf95f9a53e87e2d7fb967d,2024-10-03T16:35:05.240000 -CVE-2024-46258,0,0,66d4ba0eacae8dd9d0eca73dbf4dcab7177ea20d17ff664891f4d8cf7106650a,2024-10-01T14:15:05.667000 -CVE-2024-46259,0,0,8cd982ada949549c022cf16fe016b7d67c2f0b4de3da546882e97267bc94a7df,2024-10-01T14:15:05.753000 +CVE-2024-46258,0,1,4234259737d822207cccbd23a0af33f13e2d89706c5a65f00639323fe71798dc,2024-10-04T13:51:25.567000 +CVE-2024-46259,0,1,bfc01b07982dad297677c68a654906c3c0adfeed2ab6b7681948bf3a4935ee61,2024-10-04T13:51:25.567000 CVE-2024-4626,0,0,2c49c68b79a7a3d7626dfac7c1ab161b6d51a1a10b834d04b620fc9c15d7e475,2024-07-15T17:10:52.563000 -CVE-2024-46261,0,0,d095209f147ca210d8f34f9918b6078f27456a64538a8a3fdd4004f10bd80f6f,2024-10-01T14:15:05.833000 -CVE-2024-46263,0,0,2a283ecb74dda99af1fa6734ac6d7aaf909a6e8f3d9ff97592b6df63f0c90ec5,2024-10-01T14:15:05.910000 -CVE-2024-46264,0,0,54fd205ed62f151d4d1d0be23839450ce6d21505df20aa6e9f7118f9b846adb1,2024-10-01T14:15:06.003000 -CVE-2024-46267,0,0,7dda7fb179a0256bcb09a66731c270f00b9765a3b2e0a8d06196f85667b6aa32,2024-10-01T14:15:06.090000 +CVE-2024-46261,0,1,b772cd8a2ddfbab7c4b19ee6bbaa9b97113a21c90445f14dd3cd9dd3f24212af,2024-10-04T13:51:25.567000 +CVE-2024-46263,0,1,7323aae120a54a0bc499e6873424bcdb35c812c01cb2aeb7fb4d02978f1612f8,2024-10-04T13:51:25.567000 +CVE-2024-46264,0,1,7398e8ee4f213a532ff410798adbee1cea0ec160593fc9dce48ee97859ff71dc,2024-10-04T13:51:25.567000 +CVE-2024-46267,0,1,010e267dc014df180a03b5edd6017a9d3da372d0ed20c353e97741aae53caaea,2024-10-04T13:51:25.567000 CVE-2024-4627,0,0,a94951b310ac8fa22dfdfb5dfa1a6f0b0e4706e2176059eb33a39431470f56d3,2024-07-03T15:45:08.187000 -CVE-2024-46274,0,0,f95ee8ac593e0770244f2d98d6f04f443d038ecba73dbada0ee6c32889d675d3,2024-10-01T14:15:06.177000 -CVE-2024-46276,0,0,56fec026f56c30c4a668871bbd28f00935562a9d18963bdbaf55f89320166da6,2024-10-01T14:15:06.260000 -CVE-2024-46280,0,0,cb8470603bde60f41f29a8f0fdd66fefd604a196bc81d1ef6889b2320b179da1,2024-09-30T18:35:08.543000 +CVE-2024-46274,0,1,d44a9ea7432d7b8601079b6a1803e1c00eaf561751435ad8f0da204d1e1f365a,2024-10-04T13:51:25.567000 +CVE-2024-46276,0,1,ffe201ded28b443ca8c2c7a56ecf8169fe398ba2bcedb29b6c07adfd9e0143ec,2024-10-04T13:51:25.567000 +CVE-2024-46280,0,1,5a66b7ecdcd76d807c972a7ebea94a8133453c4877426c1300bbe2a7c6b81c87,2024-10-04T13:51:25.567000 CVE-2024-4629,0,0,54224b2085ffd2ba36897ff032b68642cbe4c57a326e28370b5db8ffd6f494e8,2024-09-16T15:51:43.937000 -CVE-2024-46293,0,0,e318f800936ab74936ae3857b5e562d7b97d09a7e5d1d4449ae4e773afea5399,2024-09-30T19:35:06.227000 +CVE-2024-46293,0,1,d737b88fa32ca8e9cfa376b7f9d09c4f34ea852ae62d5e06ad40bbb0d6a658f3,2024-10-04T13:51:25.567000 CVE-2024-4630,0,0,a8734ce37050a74e4818d023dd3913b4f4405761deda282bae815154e00346af,2024-05-14T16:11:39.510000 CVE-2024-4631,0,0,d3c7ebdf5d9c31d124bc2c67e858e716a594cef6aa78ec49eddcc538ef63a67e,2024-05-14T15:44:13.487000 -CVE-2024-46313,0,0,3f3dc67250f9c4539e34f729f161d47979d31807b78c8eb0a7343944c9c1b1e9,2024-09-30T19:35:07.020000 +CVE-2024-46313,0,1,0b29c605876b046853c74672dadf1c8118f0e83614058ed8950277f93a0b2b0a,2024-10-04T13:51:25.567000 CVE-2024-4632,0,0,1847fe54466daf978000619c24fbece5b125c2ebcf9d5cf0d1e6a4b41146457c,2024-06-20T12:44:01.637000 CVE-2024-46327,0,0,d444c66c2d1131cacb5a6cc939ae8062aae08f60f0b531cdd6bc43039126a6e8,2024-09-30T12:46:20.237000 CVE-2024-46328,0,0,150e1d7b5fcc22f852cb919b13410447bdf1e8cb19cb878b6bbbd7be01f4269b,2024-09-30T12:46:20.237000 @@ -260494,24 +260494,24 @@ CVE-2024-4647,0,0,abfff49b4d0bc1323cd8c136d2663c14e45b73cbc22df4c684f6d02301cae0 CVE-2024-46470,0,0,4aeda2c990e579b9008226e62d5cbdc47a22a0fa6603152064e359fb3aa1bf47,2024-09-30T12:45:57.823000 CVE-2024-46471,0,0,470c933b4642dc2897ace8d3fcae6cce28009d5c4dc28b3858aee18cd52a08d7,2024-09-30T12:45:57.823000 CVE-2024-46472,0,0,905efea5ffd69a3fd22b9ebc43e76cd3335e2f2038a60c220dd9d439817a4610,2024-09-30T12:45:57.823000 -CVE-2024-46475,0,0,f67981ea4dc5deb130e35e5981398b3bd014da3c6f6093379b2c49fae0dcdd4f,2024-09-30T18:35:09.327000 +CVE-2024-46475,0,1,6dd32d21b34d5ed62fc4d47e4e31b7806525d2f693fc3da0c33e5fca3fe88762,2024-10-04T13:51:25.567000 CVE-2024-4648,0,0,911dfdcd448576dec5371ac5fe5f3ab9d434d7a73d2296063b028e9785e0deda,2024-06-04T19:20:44.580000 CVE-2024-46485,0,0,904850996ff0ccd2e4983d6545a4277eb41afbf1d891eac2f17d8f906616c485,2024-09-26T13:32:02.803000 CVE-2024-46488,0,0,41c2092a15aede67b224d6f9481dd8740d600089d5047373dfa98024a8d780a7,2024-10-02T16:21:36.507000 CVE-2024-46489,0,0,0556d6a2fec67f99959df88dbf0bb95ed9722504d8b825a29e35fd84905c2afd,2024-10-02T16:24:32.300000 CVE-2024-4649,0,0,bfe7ccbfc3404b8c708ca02f740529df891f18569fdd41077ac7c5a370b61531,2024-06-04T19:20:44.677000 CVE-2024-4650,0,0,f0fa9488793eee2640aafba918929101f3b3115e92dd694b2dacbccfd4d6c179,2024-06-04T19:20:44.773000 -CVE-2024-46503,0,0,4ac1b38036fe75f045c23095200c8437ffa99be96a41471b5f7bf60edd9894cc,2024-10-01T15:35:15.667000 +CVE-2024-46503,0,1,7e7e6832469967a73d1b65d52f27257799886a083423cd13c5dd0f8e97b27f0e,2024-10-04T13:51:25.567000 CVE-2024-4651,0,0,745218d04b1207995e3df340bed9abda2dd0952b7a1b22fcaaa17a8ad8b7b0b9,2024-06-20T20:15:19.353000 -CVE-2024-46510,0,0,e7a6cef5e6972003ab22bd0361c5aa40fa96a6884595d5d4db89058038663e7a,2024-09-30T21:35:04.967000 -CVE-2024-46511,0,0,ff6e1b7f18254f60637752a032f6d88d2dc27bbe0b85490bb4b3df4ea1f4b0d6,2024-09-30T19:35:07.990000 +CVE-2024-46510,0,1,bb46a7737029f26392a246097a18ec9ca317101031432da9b686fbbec181f9e7,2024-10-04T13:51:25.567000 +CVE-2024-46511,0,1,78cf785de24718da0c0ea71257e191470c834e4be61ca79ad4d72c264c3c4729,2024-10-04T13:51:25.567000 CVE-2024-4652,0,0,8fd7af949b4c89aa1e5f9f8bc7784e47292323116a1f6a56ecb880f3c410a541,2024-06-04T19:20:44.873000 CVE-2024-4653,0,0,7b6d5c0913690c5b51d844fc9718b4208eaa5f352f244fd41eee7be1add5e3bc,2024-06-04T19:20:44.990000 CVE-2024-4654,0,0,0088d34096b2578204ff98fe71c1f702e4c8866653411407f72fe940a56448df,2024-06-04T19:20:45.100000 -CVE-2024-46540,0,0,8c5cf694981ee98104cf81c89099ed6c6ff3c8950a58817e30ab7d3398595637,2024-09-30T18:35:10.127000 +CVE-2024-46540,0,1,82bd73e280c5a23d3b35406dd5a042ddc542cc53d99831f15d05d7d862ed5067,2024-10-04T13:51:25.567000 CVE-2024-46544,0,0,7c690592f3c3aad53f638c9c118a2efde53f0542c00b3644e612a6801f3cf547,2024-09-26T13:32:55.343000 -CVE-2024-46548,0,0,2e9e5de596ddb006d8e292285e448ef22c7fc4ff6150387a4b9ca77684ac53c6,2024-09-30T21:35:05.733000 -CVE-2024-46549,0,0,f717d8723b72b2215f04f8bb81725bc650324870da1bb99c4d4d15aa72dd26d6,2024-09-30T21:35:06.490000 +CVE-2024-46548,0,1,a76db6350fd9cf17eb17ea692a21b280803fa9cd2f4c425127b2376fbb1ea301,2024-10-04T13:51:25.567000 +CVE-2024-46549,0,1,a58dc99fbe7a6733f6bee128f5732a51ff2defe2296e61fdd35f50a9a237365d,2024-10-04T13:51:25.567000 CVE-2024-4655,0,0,95970f39f135367edf16c40c69bbdd98999f38726ef0802da749dedbafaa6dbb,2024-08-01T13:59:32.490000 CVE-2024-46550,0,0,fabf02166a8c8c33c1e426eb484bdd92b929c3c43f794ca555b97f11e025fe2e,2024-09-24T16:42:25.057000 CVE-2024-46551,0,0,7660e44e84b32e009845871d8384f85d8a68355b89c08ffdaab432d6ee39b978,2024-09-24T16:41:38.327000 @@ -260559,12 +260559,12 @@ CVE-2024-4661,0,0,f19406aac3e0e4dd229494d2c7f4a9ae6fd94c8256be755b3955222db7d3bf CVE-2024-46610,0,0,dfd11b66ad880194d4e8759fea756317b6075d327e3519259cd11f18ae0f4b82,2024-09-30T16:30:50.833000 CVE-2024-46612,0,0,a589f709811c7445ac7df28a3a7782b0e1ab03ae28a72339e484d8d02cc7d048,2024-09-26T13:32:02.803000 CVE-2024-4662,0,0,42d3ec88d759fc9bf88fc92972e0c9891830916b90a0cdbb0331ad5486f420dd,2024-05-24T01:15:30.977000 -CVE-2024-46626,0,0,b4c0ee4e29af16d2e43907e99e25ce6985822dbfcb4efcef23652ddba549adc0,2024-10-02T17:35:15.457000 +CVE-2024-46626,0,1,b2dbe1e3c2ee97096cbfddcd538250ce5664f2528c19dd2dc51892ffc471844d,2024-10-04T13:50:43.727000 CVE-2024-46627,0,0,4cc8890cea4e8322a4c476b42c8fefe2b4b66b62a78446cc66eb2d1a373670f4,2024-09-30T12:46:20.237000 CVE-2024-46628,0,0,f50f1f0723583928f80e0fb1e30a1b830ba848791b571a0759dc9426674fa140,2024-09-30T12:46:20.237000 CVE-2024-4663,0,0,26abfae0d13c9db7079b41941554710f5ceae1c12961c27d4c50148758e145c4,2024-06-20T12:44:01.637000 CVE-2024-46632,0,0,abc659def740354695cf2f3df5ac488f8137388dc197ea59e5551153368ce0a9,2024-09-30T12:46:20.237000 -CVE-2024-46635,0,0,f6d3e92a87667c9cbc9a047021a4fe2e9670f4e99e6cf851716f2f7d6e874275,2024-09-30T18:15:06.140000 +CVE-2024-46635,0,1,2a4403bf13895f55d2b7c4f0f33ade98643e62272f578a54a0ec9f112b8f9ef5,2024-10-04T13:51:25.567000 CVE-2024-46639,0,0,32a1c80f017ce1b9b0a593e635fc1fe3b0612fc660594feed34360cf471ca787,2024-09-26T13:32:55.343000 CVE-2024-4664,0,0,b622a884dca6c94dd91f571bd68ec3e5e60df69c2ec441187a6010b0dbb54f4f,2024-08-01T13:59:32.680000 CVE-2024-46640,0,0,8a8901a45f157bc967024a42c670214bc1166786f3fd7086e031ee10a8d6de95,2024-09-26T13:32:55.343000 @@ -260577,7 +260577,7 @@ CVE-2024-46649,0,0,2f03d297d29de9b605649bc98c942e9f2148e6f94209c6c18583bdb8afcc2 CVE-2024-46652,0,0,4b3d12d4ca4fe0d1464490ffd2a8b0a83e7537df776bf6ec5250968017288c8b,2024-09-26T13:32:55.343000 CVE-2024-46654,0,0,2f7453f2aae63e8bba7fabf459346ff6b4ea9f03b817ee7480b6439401e40c66,2024-09-26T13:32:55.343000 CVE-2024-46655,0,0,697c64074c19e469267289c3c91c136c8f9dbd6565ff633ca73da48524a9c0e1,2024-10-02T15:40:36.090000 -CVE-2024-46658,0,0,406fdd045d665821720e1bc696da8b1c5c21bfe613b122d6b5a5575f58b901d1,2024-10-03T21:15:08.500000 +CVE-2024-46658,0,1,e805f2be2414c87309db45c80c3f526323e612c598414875176663d14bcc74c7,2024-10-04T13:50:43.727000 CVE-2024-4666,0,0,574e789fc18a09e540199055631026983551e2de180e4487a378ddd991d469a5,2024-05-15T16:40:19.330000 CVE-2024-4667,0,0,5f6a087811f370dc89d31ef88ad63586b7ea4db405d3be18d05609409a87488f,2024-07-12T14:25:13.923000 CVE-2024-46672,0,0,2e3294d68f2514ca48393470be5abdd07b9de47f0436f7ee27b5dadd28da80e2,2024-09-13T16:29:17.123000 @@ -260796,7 +260796,7 @@ CVE-2024-46865,0,0,70400171a0d2a2312b59685baa09016386611f4b8aeadb49b1f9b8d88baf7 CVE-2024-46866,0,0,7cef57a183dfaf103a48ea5a6b9019d1b498c14fc94b38d115a386f51427cfd4,2024-10-01T17:09:30 CVE-2024-46867,0,0,8316d7997f273d3e067642701a8234592f3f2c26a3648af1f12dc5cbdd0c27be,2024-10-01T17:09:58.147000 CVE-2024-46868,0,0,f9213706fab3b425fd6d7b9c70ceaf5cede666ff7057d8fa56ee82d754aa07ed,2024-10-01T17:09:12.247000 -CVE-2024-46869,0,0,03d54fbfb222832637d46c224483567d901deab6b48b3da7bb6d708e19c51eeb,2024-09-30T16:15:09.200000 +CVE-2024-46869,0,1,9ed81572871432f968131373b48d9116fc414e30c1ec7495d6906513924c285a,2024-10-04T13:51:25.567000 CVE-2024-4687,0,0,5435981fd840e586246d5a6c7c954862d5332569f9e647b4965c896a6669b062,2024-06-04T19:20:46.547000 CVE-2024-4688,0,0,52289ed8c0286442cd44c00a18386eec964a66f3ff263d13f6b3a47ad78257b2,2024-06-20T20:15:19.617000 CVE-2024-4689,0,0,a13cc88d2e9b12d452cf9b42ce57cc1735d851f3f551a07c40e7bb0f2ee113b8,2024-05-14T16:11:39.510000 @@ -260818,7 +260818,7 @@ CVE-2024-4696,0,0,b8ce6d89da084f88972905e9878372f109e48889eae7d9f95b30ecbbc63816 CVE-2024-4697,0,0,3bc62a9bb9952d026af8ecd13a98f81fa60290945109a2f6023ef384956822fe,2024-06-04T16:57:41.053000 CVE-2024-46970,0,0,6ef16041ee18068670ae3579af5d9c59d6c6488d479945d9220353b5e1ab4205,2024-09-20T13:23:29.700000 CVE-2024-46976,0,0,02f78d527d01c9aa774dc796f1ceed3fea7faea62af60e78d26c9cc8325cba03,2024-09-23T18:27:05.920000 -CVE-2024-46977,0,0,f3cedfe953e998b1788791b22a177a7b6e488e8f3030e3912dbc25a6e579fa50,2024-10-02T20:15:11.400000 +CVE-2024-46977,0,1,323f47eb9aba40e5710c60aa152bfacdf60e32ce5765ffc44fa7ddf0a988ce0b,2024-10-04T13:50:43.727000 CVE-2024-46978,0,0,3012612591065cdf72fb760bb9d34692ccfd8a93c66cdc7533522797108e3ef1,2024-09-20T12:30:17.483000 CVE-2024-46979,0,0,bd5b4b491d76f1da7f15e1f5aed6e68afd31ea61b239078722a0e41874b565fd,2024-09-20T12:30:17.483000 CVE-2024-4698,0,0,9dba1ffb097faf0537551ac7612916f547965c7b253baf1637388ba1ee83ae86,2024-05-20T13:00:34.807000 @@ -260854,15 +260854,15 @@ CVE-2024-4706,0,0,9fb317504579dba9e9851d8ef4d6ad37a71c1b39f231cbe007ab86fbaba76d CVE-2024-47060,0,0,3723bb9e2990e983919d891a0f942a097942693d70a5d147a7a34b2c3bd8fa94,2024-09-25T16:43:47.267000 CVE-2024-47061,0,0,fe88cb5968145d279da6e4fd6edb09ab3be3c5c5915bf3eb5f15f2dbcdbe9c9e,2024-09-26T13:32:55.343000 CVE-2024-47062,0,0,c88a3c374fa0eb0b07de5442f40e8a296375128149eedfb948b94e624d4304ec,2024-09-26T13:32:55.343000 -CVE-2024-47063,0,0,7ef913b0f52a2c2f87c249824365da21f4a376160b0cd1f651073f68cbfd7c45,2024-09-30T15:15:06.293000 -CVE-2024-47064,0,0,d1c3eb2fa5975d04e490b431693cbf36aea89455eac14f0c7de0287dd6e627a6,2024-09-30T15:15:06.413000 +CVE-2024-47063,0,1,ef8c248d98e47bb74e839363585e029685cdee789de6732fef6e4d24b3b66b2c,2024-10-04T13:51:25.567000 +CVE-2024-47064,0,1,21420490a45b8aaefdc1b6d4bd2c7e4a0799d2dee64a3d505838007bd45e04be,2024-10-04T13:51:25.567000 CVE-2024-47066,0,0,0b43b85d84d6edf2581c4495657e290f15385b4237a6d0903f4ed36005e8e711,2024-09-30T18:03:58.750000 -CVE-2024-47067,0,0,0dcb8143eaf9fe25cf20fec1e5fc4df69090a1c1c753c53eb9903fc3acec268a,2024-09-30T16:15:09.267000 +CVE-2024-47067,0,1,11c88cd23cf1a822b362b5c4da6e6e5aad4cf4ba8be6cf32fd08cc0b90e2e962,2024-10-04T13:51:25.567000 CVE-2024-47068,0,0,70050872d840caaa2d3a7b4935edacfa0f683641a39a86ef80c1feff7746bbfc,2024-09-30T17:39:45.350000 CVE-2024-47069,0,0,255d89cbb652b594a7eefdca5524a576b519375e297f09c89870c40566f1ba4a,2024-09-30T13:40:36.460000 CVE-2024-4707,0,0,8435cc27f87132831b9d3f5ec9dd9fe3cf2e85b8b55db14f2e03c7e1023e49fc,2024-07-24T17:59:29.230000 CVE-2024-47070,0,0,eb4e046cb0db7f50fe7115a81e47e9b3e2a8d6720f2cc6fa65783765e5390106,2024-09-30T12:45:57.823000 -CVE-2024-47071,0,0,20aabd4cecd2fa87bfcd546bdad0f706b91d0c98fb8b7e753eb6864a0d7612ae,2024-10-01T16:15:09.637000 +CVE-2024-47071,0,1,2a2727cf2aa9f31ddc31166413e132f87e7e569f257fdb08eb6f77a7cd1bf2ac,2024-10-04T13:51:25.567000 CVE-2024-47075,0,0,fc6fb563183ec73ff3cc748ab21f019299b633a8e98bafeae8d21bcd8012663d,2024-09-30T12:46:20.237000 CVE-2024-47076,0,0,82c29f0b96fa3aec0681c5bff18d4d64d621f66fcd11bafc7be54b1c376fa105,2024-09-30T12:46:20.237000 CVE-2024-47077,0,0,da6225ab755733389945bc8204b7e8eb730152eea799320a5a148837369aa9ea,2024-09-30T12:45:57.823000 @@ -260890,9 +260890,9 @@ CVE-2024-47128,0,0,1727b49c83ebd7be4044d1f9cc5656a5d5ac70a701c41bc505c51da444c01 CVE-2024-47129,0,0,324c3dd1ecd2f0f0ca3446b858ac813a9b0dbb52075d3c73204469e924321ae9,2024-09-30T12:46:20.237000 CVE-2024-4713,0,0,a3c96b0a67396332ccb3b3b7da032ec990741228737b0623d292fd0ff6dd150b,2024-06-04T19:20:46.913000 CVE-2024-47130,0,0,71f2aebb29564e83f6cddf4f0c3a7d505431af4f47491e66b63b23434970a974,2024-09-30T12:46:20.237000 -CVE-2024-47134,0,0,4e92028f19fea01f479e340c11954f608d6f43b192c81de47a700debf3af2b17,2024-10-03T03:15:02.443000 -CVE-2024-47135,0,0,d2de8f1400bc608b1355034d0e21ee24c2038907b70673d82100d6e23ce9a7fd,2024-10-03T03:15:02.697000 -CVE-2024-47136,0,0,a8e27ba6ce5e67f9ad1372a389a7a9f9e5f12c85483a0ac821d78aed76ad7338,2024-10-03T03:15:02.903000 +CVE-2024-47134,0,1,db1bd8dea5a1002d8dfec480b066db5543f1d53fc35c00fd65d265b2fc8b9892,2024-10-04T13:50:43.727000 +CVE-2024-47135,0,1,c05096e6ed7a405a9acbfbe9f475ec9efb11146d1aa8527686e9a8773957d005,2024-10-04T13:50:43.727000 +CVE-2024-47136,0,1,2d48461c8309214652e5b017fc8af3a7ce4f5876e09ec811be8dc0866545aca3,2024-10-04T13:50:43.727000 CVE-2024-4714,0,0,d7e9d9d95d84a12a856ae94c0b47f221a8b241db6b1f0d94ea74b84fa1b36764,2024-06-04T19:20:47.027000 CVE-2024-47145,0,0,1a35765c26b04b61b861cee47b184170021783241b94fd51efafd1127befdb57,2024-09-26T18:42:33.550000 CVE-2024-4715,0,0,8280b54df57d141f79c5c5ba7edbd4b8610f06a30ecbd5ba39cd6c268b4b3f05,2024-06-04T19:20:47.130000 @@ -260904,12 +260904,12 @@ CVE-2024-47169,0,0,3d7d577c82be13838843013d038c262ca65c719ce4179d733fb886eea7d8c CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691aaa,2024-05-17T02:40:34.317000 CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000 CVE-2024-47171,0,0,48e31c72c69d0bb6a9d666c7c99661a52d3c05dd11adcb85b19ee942d0085d2e,2024-09-30T12:46:20.237000 -CVE-2024-47172,0,0,551279932eaa8f0ddcfd4d757bc39960b93a80856b0a5e65cdb997b065635c4c,2024-09-30T15:15:06.523000 +CVE-2024-47172,0,1,4b79f4b3803af95fc411c443fe5cc5794c9441cfc034adffdc054b0882caedf7,2024-10-04T13:51:25.567000 CVE-2024-47174,0,0,45d61976806e6f261b6617173dfdd81cff9ff5aea1e4ed00e3593fe1fbbae7df,2024-09-30T12:46:20.237000 CVE-2024-47175,0,0,98b0f302dda13c9ca08be74248115e033049a678f05ea7e4015fd75a9b0cd66d,2024-09-30T12:46:20.237000 CVE-2024-47176,0,0,1236859fb548f3604f95f88a62b235a85b1497f9815e39d76c2bb849d27602db,2024-10-02T20:15:11.520000 CVE-2024-47177,0,0,c3d1fff6e6c651906b3b7b3db7e611572822f47ef60858bd0aa18bbf89a3315d,2024-09-30T12:46:20.237000 -CVE-2024-47178,0,0,e086418bd8207ac1a043b6e2c4d1942cea388c2446c3e78167e76f3ecaedee55,2024-09-30T16:15:09.410000 +CVE-2024-47178,0,1,4b3608cd773dadb192e16beb77fa1e65e8ee51bd05c7dce0427d0f28ff63847b,2024-10-04T13:51:25.567000 CVE-2024-47179,0,0,d53006137adae685c7c1c2137c456714ed89b092428bbe15520d76109ed40b36,2024-10-02T20:15:11.627000 CVE-2024-4718,0,0,2fda56f630ea417950b3260007ed553b407a44c514b05be289e283a21ee915c1,2024-06-06T20:15:14.717000 CVE-2024-47180,0,0,657c5516ab8b6145e58c8aac2b3c60b2287f164333060e376b2fc3a8acbd6fb3,2024-09-30T12:46:20.237000 @@ -260941,7 +260941,7 @@ CVE-2024-47291,0,0,b405a6fecb729547c889865c82ddc892ef58104fc3d0eeff1326133541441 CVE-2024-47292,0,0,50a5f55d1cd7f04a27961f6de324de9237d82ece0981e52bba9e38c14afb7e8b,2024-10-01T14:23:58.267000 CVE-2024-47293,0,0,8066415ca7197eb9a32d1acacaf53d321554e5f9cb22e4a1be994c73edda7213,2024-10-01T14:25:31.430000 CVE-2024-47294,0,0,616aaa0c0c25f743060360eec6e57e8d54e0c598ed571a7197a1a165758173ad,2024-10-01T14:27:54.577000 -CVE-2024-47295,0,0,c93abca76c7aa66145a5a013b2ec6fc0d6f01bbea875548408ba1b2806e98d17,2024-10-01T14:35:03.430000 +CVE-2024-47295,0,1,e2e23f79bdc2d34fff41ad7b237b64b4377c53fc19d83ce80e380fdc2e18eb32,2024-10-04T13:51:25.567000 CVE-2024-4730,0,0,055c30f8bd03259d264f17e44955582c75615e93d958180e12436700bac392ab,2024-06-12T20:15:13.300000 CVE-2024-47303,0,0,bf8d75e01dd1aa85338666dfdc484b4a62ecc62745a2e39a6913339b9fa92fed,2024-10-02T19:00:24.750000 CVE-2024-47305,0,0,7c018d03a71f28200e41a87d693293b1e365b3b52710d7dc9c8bc548afdcc447,2024-10-02T16:35:40.077000 @@ -260956,7 +260956,7 @@ CVE-2024-4735,0,0,74f4fbd101bb46efdc880f338cfb70c8fd3a6ef365bd7732d2107c79fb3d78 CVE-2024-4736,0,0,d66d2cb2e0afad57d9d4fb0dd29db1ae480425b093ff5e46c35972ad67bf1599,2024-06-04T19:20:48.497000 CVE-2024-4737,0,0,bd8c1ff0c2bd0234c81e53807fa1f8ee5b80721a1ba19a06cab0ffcb77875865,2024-06-04T19:20:48.597000 CVE-2024-4738,0,0,fc42ba0968ce2d3cd6a759727e85c03dbbce46854db0b2e928b2a8457ade2245,2024-06-04T19:20:48.783000 -CVE-2024-47396,0,0,be21de0713629f003c5fdad26d54bc2a9b03f7874f9c993d2649ad1889742b23,2024-10-01T02:15:09.933000 +CVE-2024-47396,0,1,6e476c6cf26f38283e3d61fa442a94302635b62a84c847a353123b5fa4f97bed,2024-10-04T13:51:25.567000 CVE-2024-4742,0,0,b62cb9a09c7db689b4e755ae70bed9b2375aafaa790f8e2b3ab80c930d94850e,2024-07-15T17:10:34.403000 CVE-2024-4743,0,0,213080d2ce7e290785906918b766d2dd6153d7beb42f4a36c418fabdb6096c44,2024-06-11T17:32:50.367000 CVE-2024-4744,0,0,f2a62275342fb4e02e31ad60fb7b37b3a8ac2b2376213a1fba752ece8166ef2e,2024-06-12T16:44:12.157000 @@ -260968,43 +260968,50 @@ CVE-2024-4749,0,0,21df5bc0093c94425462a6e59e75544f486b5326a781fcb494e0f25aa2f7ef CVE-2024-4750,0,0,e7d885dbb56d4f9fc74f5666b8e26860ce8baddd6593d5428816201f1663fb5f,2024-06-04T16:57:41.053000 CVE-2024-4751,0,0,258479d9744cea39d1125b819c638c567793396e05305e64bbc0e320bde2cbf7,2024-08-09T19:35:10.473000 CVE-2024-4752,0,0,6bc9a9ea56288a6bdc9797f778ecc1371bb94f8257819cae6e07cdc5634a3ca3,2024-08-01T13:59:33.713000 -CVE-2024-47523,0,0,fca2b0d3b1acc48eb24e4a02cc1e9ba9635ac9f135f59c304acc058ad85d9be4,2024-10-01T21:15:07.050000 -CVE-2024-47524,0,0,3aec47c770f6d1d3bcb3c93afa50d815d55cf5bd0a76155277e66f52d1432216,2024-10-01T21:15:07.297000 -CVE-2024-47525,0,0,9a4e8f76e84229f4808462d3a570657a25dda99b3c44f531ee53664db59a21d0,2024-10-01T21:15:07.520000 -CVE-2024-47526,0,0,43af752c3e2fc7342ec611606be28a580ed0ec758c75ca78eb986e06173bde43,2024-10-01T21:15:07.740000 -CVE-2024-47527,0,0,34969198f4910991ff7dd37ae24149a4937c9d23978ca5ae81c80cd14b82849a,2024-10-01T21:15:07.967000 -CVE-2024-47528,0,0,42a89c9de9daba9825e4f69033d8b0f23ace38d0f36e48a2e9f0b8b491aa06ad,2024-10-02T13:35:02.263000 -CVE-2024-47529,0,0,1e35d0589eee26f0285399ca0e984d50f699c49f671389efb9a97b2d6d66c0db,2024-10-02T20:15:11.740000 +CVE-2024-47523,0,1,1257c9b462b1c76191fd448e4264e27047f2223eb318d47b6d479ea10ef96296,2024-10-04T13:50:43.727000 +CVE-2024-47524,0,1,77296b251ba1494f06bcdfbc6ea161d149e1205d582f48b9fdc9c430ceb9a466,2024-10-04T13:50:43.727000 +CVE-2024-47525,0,1,0e46a76138f239d289b7a461c13de304780bfef65c1934e906ee3b91667765ee,2024-10-04T13:50:43.727000 +CVE-2024-47526,0,1,eb16a10d8f74cde3579603749ff3cfb381488e1ecf42d3c0633b2eaac9e4c5e1,2024-10-04T13:50:43.727000 +CVE-2024-47527,0,1,ea9e12cbeb0ec73703f758fc09275d72173eea36aaa0e35ccd2c368e0fd47227,2024-10-04T13:50:43.727000 +CVE-2024-47528,0,1,f8a40bc5f3a1abfe246d4cda70316c63fc753979863ed711468abfa611b23cd8,2024-10-04T13:50:43.727000 +CVE-2024-47529,0,1,34283f2d46f63958e88a4c9e1bf6051bd39afb28245a7d6e6fcfb00459d368e2,2024-10-04T13:50:43.727000 CVE-2024-4753,0,0,9e12d2c068502550c7c14176439a96816e2b604b1703bdae766fcb5d094be144,2024-08-01T13:59:33.903000 -CVE-2024-47530,0,0,fba522e024b83acf70358c93acf37e114887d5fe3a476a11c9462eadc0b44e72,2024-09-30T16:15:09.540000 -CVE-2024-47531,0,0,33301edab0f0649702484b01110937da183dc72540869ebdc9cdc877c211a23a,2024-09-30T16:15:09.750000 -CVE-2024-47532,0,0,260108fc45e8ac31160035cc2b3e7ed0f7f45e8ba1661343699d85f76bbe06fa,2024-09-30T16:15:09.960000 -CVE-2024-47534,0,0,671e6c0c25dde8e26f9c5f40d1c53b3b411fe0b9cd99c946b70166162df34376,2024-10-01T18:35:09.730000 -CVE-2024-47536,0,0,6e4acb61d2da8d00872363d19c0ef06b941da325b5d169aae3bc2073325756a6,2024-09-30T17:15:04.780000 +CVE-2024-47530,0,1,fed1c84544c0e51056ec77fc5d6317c40fbcbb8ff2284050a11260f26a3d0c29,2024-10-04T13:51:25.567000 +CVE-2024-47531,0,1,3c1eac025448da4ef56a64b8782ce45f8d883f9cb11cc38200fa63f6c47d35ec,2024-10-04T13:51:25.567000 +CVE-2024-47532,0,1,8782a61a2e6393b4eaa2920ce672fbaf71cd431530e5dbfab9dfea37a0c9da22,2024-10-04T13:51:25.567000 +CVE-2024-47534,0,1,2c8638aa4776b453b12ca3480cb4741f7283b9b6a2cc41fc9eec726fcf451424,2024-10-04T13:51:25.567000 +CVE-2024-47536,0,1,353df15c5abe486c0bd2000eeee4b00375b2403ebe72a10be7f49c66f18c4bd4,2024-10-04T13:51:25.567000 CVE-2024-4754,0,0,43efa3a5287d05b500ecfcf4503ad62e1b41a22939150352bf102c1b98a3511a,2024-06-24T12:57:36.513000 CVE-2024-4755,0,0,ca5306e45de4985a027d64d4740785092288eb6abbd1ab6d1fda3377d88d4e7e,2024-07-03T02:08:01.477000 -CVE-2024-47554,0,0,a6a08e7ba4c3d06cd09f47147e9e1395bcd7f8c1114bee9a753963aed9ce8ba1,2024-10-03T12:15:02.613000 +CVE-2024-47554,0,1,ed4aff6ea0e7ac69533e960f0592e4849edcc0303a79e4282ca0e96ec7b37a4c,2024-10-04T13:50:43.727000 CVE-2024-4756,0,0,56f5675f964fc18dbd2235a67dc0431c0553314b21f097091d5942b6bc7c2044,2024-08-01T13:59:34.090000 -CVE-2024-47560,0,0,5caab4f334b489685c2797622a0e89a871740bd9a0b0ebcc5ba80ebc1f75f752,2024-10-01T02:15:10.143000 -CVE-2024-47561,0,0,c751582a23f3bd887e221830d9cc00f219c623491b0ae19eaa0284a7f35314fc,2024-10-03T19:35:17.510000 +CVE-2024-47560,0,1,b8abd4241aae2bbcacde7e0c93543de13fb150a4040a68118a29f4e634e60873,2024-10-04T13:51:25.567000 +CVE-2024-47561,0,1,1187d18aeddf57f3855631575eec8fc1684027bd65a7263241fe4e3f5d2788bc,2024-10-04T13:50:43.727000 CVE-2024-4757,0,0,8697ca9e70d5ba37736a0a67620900f7a3da7cbcb97e29086de20de73cd3bfef,2024-07-03T02:08:02.463000 CVE-2024-4758,0,0,725af37997323245576176c0490558b45926193602683436c3054da734872332,2024-07-03T02:08:02.707000 CVE-2024-4759,0,0,88e594c7c898a4e82a1a8532a1f049d1a9fe25baf60278988c21dabe64f2896b,2024-07-03T02:08:02.923000 CVE-2024-4760,0,0,68ac2eabdd1ace978fad05fc48c22bb964a87e93631e50aa97e53cb7b4952d59,2024-05-16T15:44:44.683000 -CVE-2024-47604,0,0,b6b4fc903f99b2043f88ddbd3163a454dae216b1bade4187e503e59baa13044e,2024-10-01T16:15:10.003000 -CVE-2024-47608,0,0,183b8f26709f0bb4c9315ae5ac8f0737eedb89fb07f4c926502b272e6d5567a7,2024-10-01T17:15:08.970000 -CVE-2024-47609,0,0,555d6b2b05ef097d6f46eab3f45f164bfb9fab39f1ce72e0c1426713e9aa488b,2024-10-02T14:35:07.770000 +CVE-2024-47604,0,1,5221b4094b7a2bae2ba329933c1485a57bd9421ad0d112c374cd4d8ea378e664,2024-10-04T13:51:25.567000 +CVE-2024-47608,0,1,d223541a3f37bcb4003e8394844c4d4236686d73a7bc0a8bfd2540d277a9380e,2024-10-04T13:51:25.567000 +CVE-2024-47609,0,1,a40985fb9367be25d25953301cdaaaedb4fefdc923900e20947726055b93b1f1,2024-10-04T13:50:43.727000 CVE-2024-4761,0,0,490aec64931f999440aa7ba804cefb45baa762d4b1b18a12f1a0ce61a5d54b49,2024-08-14T17:06:52.260000 -CVE-2024-47611,0,0,b926e9df1217329843befb987d6ebbb03fb5af9de6c2becfc5849934dc4fb029,2024-10-02T16:35:34.060000 -CVE-2024-47612,0,0,1981a610491546210a30a6a2dd9f593698e6ec4275e7e7b83130f7f983dd1587,2024-10-02T15:15:15.133000 -CVE-2024-47614,0,0,5adcca0930f8074bc2d09270af94a2090c38bdf85966129177b2aad805b79757,2024-10-03T15:15:14.720000 -CVE-2024-47616,0,0,a7d3f503a853c11898853a62534bb4f89f4a718fdcf53427abfb02951598aa75,2024-10-02T22:15:03.010000 -CVE-2024-47617,0,0,5e38829b22784c5c123a9364978681089e70a59d7e2f900ec4a5f2ff0e0d1f18,2024-10-03T15:15:14.937000 -CVE-2024-47618,0,0,a43adc5787285f733831a204181d4bb30a8299d5e1d5e8c35eb826dba7f3f276,2024-10-03T15:15:15.147000 +CVE-2024-47611,0,1,0f71d2d3efa3e10b2943a85569330dc65bf1be2a06e9f4bba711a7ffd62c7ec4,2024-10-04T13:50:43.727000 +CVE-2024-47612,0,1,d7d4b9bef3eb832e4635f62133a590b34d92b314497901a1cf4e0bce3640a5d9,2024-10-04T13:50:43.727000 +CVE-2024-47614,0,1,5fe3af92e23232b8b36de76214704cdba0d6642b9d9b0303d25099dae284db0c,2024-10-04T13:50:43.727000 +CVE-2024-47616,0,1,858e2824018889ba67f8cabdb1c66da573f6d5732aaa656ab4224aec4de643a1,2024-10-04T13:50:43.727000 +CVE-2024-47617,0,1,9ed0528c2b0d03a3b19eac614adcd2a324732168fac8427e35d7a6eb10eaa790,2024-10-04T13:50:43.727000 +CVE-2024-47618,0,1,5cac808af34257e3f5b361c06cec3f33bfe98593c838552b2eee66c0cb187691,2024-10-04T13:50:43.727000 CVE-2024-4763,0,0,674813a6ab24bd703f885b42dfe132f3057b83ab6d40519e0af01ad0b69a7ece,2024-08-19T13:00:23.117000 CVE-2024-4764,0,0,d4513c07467374a5b389bb93120fcb2ac353ef34ecf409f85646dd7a83574a17,2024-07-03T02:08:04.193000 -CVE-2024-47641,0,0,d8a923752c07b02ea5386415a7b0ad8cc8f9093d938474666f31f411f6951ce8,2024-09-30T13:15:02.570000 +CVE-2024-47641,0,1,20121fa3c4c5a3e4a909974f90b64e2e442d0d40e7dbc52d4d9a68852218f553,2024-10-04T13:51:25.567000 CVE-2024-4765,0,0,2cc9c7bf1e2c28194496aab966e3be262d91c35cfd4edb32adc2df596a464b78,2024-08-29T21:35:11.807000 +CVE-2024-47651,1,1,a5c70d4582bbdb3780ac3463bdf31076b74c5748ebb37496a5c0ac719743777c,2024-10-04T13:50:43.727000 +CVE-2024-47652,1,1,0106178cdc2d236f6bd6fb41168a986de53675f8839d6b1fc83ef0e66c837bbc,2024-10-04T13:50:43.727000 +CVE-2024-47653,1,1,9abed72960a84ca31096d60eaeacc7bd22cfefab657976224976c20e44cb9674,2024-10-04T13:50:43.727000 +CVE-2024-47654,1,1,c063b2ef86115a996655e38ded9b00a5dbd609aea4e515001d1d61acc0e2d78e,2024-10-04T13:50:43.727000 +CVE-2024-47655,1,1,38268467637f3433ead865c4d53b98effdf5ad06b5c2f799470b492b88830a71,2024-10-04T13:50:43.727000 +CVE-2024-47656,1,1,7a20585ec39bccdb1c36f63c7ddc6799bb573e47e81f7253c1057fbfa3e19cb8,2024-10-04T13:50:43.727000 +CVE-2024-47657,1,1,fd6e9fac7740c0df68f13821033b31ca3440e5b3cb2262623db7046370d07e4d,2024-10-04T13:50:43.727000 CVE-2024-4766,0,0,2055f7e2ec48f00fc79991c0efa64507537f075393b9abe23a04ed1e0c30396e,2024-05-14T19:17:55.627000 CVE-2024-4767,0,0,ac8fd08be8bf5dfebff2c5bd3958a6b91cd60ea11215d2f819ca56e82a8bdf8b,2024-07-03T02:08:05.290000 CVE-2024-4768,0,0,eca965b33b3bb965dbc6e4fa576e2b459dc24fb57cb15a91596443aba7e291e4,2024-06-10T17:16:33.883000 @@ -261016,24 +261023,26 @@ CVE-2024-4773,0,0,451efafbcecc3ef1a9913dd6e3fbbf39d79f9aa10bbe1841409a244ef36a04 CVE-2024-4774,0,0,a30e3c0a9681e5745664b5a7d21e43f4931cba5ae0f7ac5d13f7a53db899f70a,2024-05-14T19:17:55.627000 CVE-2024-4775,0,0,e28694f3b8983e1ffd74471dfd44709d0dccce69f1a573f2d66ebeb202246c51,2024-07-03T02:08:07.390000 CVE-2024-4776,0,0,8d62a3fb449cd595ed01f29a43c4395459263028a3240838c3f471dfed40e010,2024-07-03T02:08:08.187000 -CVE-2024-47762,0,0,1346de6c9eebcb3ecfa26577e28e64e9b9715412362ccd0f60c5011a9a76310a,2024-10-03T18:15:05.287000 +CVE-2024-47762,0,1,faf4eb81ce6d805e421dff7a7d50a27f6affd6a56e4bb98171a2180279fc1ecf,2024-10-04T13:50:43.727000 CVE-2024-4777,0,0,96d0d896ebb105a32ed437e794c8fc4ba926ad921436ba17bdb49a1a49737be4,2024-06-10T17:16:34.070000 CVE-2024-4778,0,0,e3020a287fa6ceae8ff9c78434f10af4d17cf4058dd5bf80208c921b6bc68bef,2024-07-03T02:08:09.053000 +CVE-2024-47789,1,1,0349696d36cadc48041796d3cde8ea269da483b10c177364bf60fbf0c4fb2e71,2024-10-04T13:50:43.727000 CVE-2024-4779,0,0,7a9d6158e8d260b03b3581dd37b23bd10d59ba6243714ad236ba79968e8d9b16,2024-05-24T01:15:30.977000 +CVE-2024-47790,1,1,1f668faa23a91dd91f71cf06e76f1527f76bb8429eca10f034e0a28bf1b53cf7,2024-10-04T13:50:43.727000 CVE-2024-4780,0,0,4aec24b958d50bff73d14c7bd2f67b2a9793d4893d5ddbdba18f0fb02ea18cc9,2024-07-16T13:43:58.773000 -CVE-2024-47803,0,0,a9a67b61fdcb4757c6e6d3bc6151177c2c973b5e0c1d174afc8511a1486e7b9e,2024-10-02T16:15:10.630000 -CVE-2024-47804,0,0,5eaf8294cfcd4a5d65dc8d9fb1b6d4ecd42b0948f1ec1702cde5a1152ffc7e83,2024-10-02T16:15:10.697000 -CVE-2024-47805,0,0,ded7232315a4d8c49b960c86dc1c18b5736d1b2cce6e8cb380ebda3a9f4d22dd,2024-10-02T16:15:10.753000 -CVE-2024-47806,0,0,fdec1ce2d6768d8f1e400b23e12eedeca48d26ee6da805999377b112efa98557,2024-10-02T17:35:16.567000 -CVE-2024-47807,0,0,fbf2b5641e02496ca57a08a6b36ab0493bfa73ffbb1f158c0fd3bb3a55b43be4,2024-10-02T17:35:17.357000 +CVE-2024-47803,0,1,e1d97b5f24ae71b6bd2435048764e12dedac3de98ce838d43be96ca9d7087e5f,2024-10-04T13:50:43.727000 +CVE-2024-47804,0,1,a4af3b64d3fcfe309769ac07755d247ecf7636977262b35234365d56289d52aa,2024-10-04T13:50:43.727000 +CVE-2024-47805,0,1,22ba52af9df34d0a80a1165aace8dfa18730f593f709643a29e4cd8d37bffd53,2024-10-04T13:50:43.727000 +CVE-2024-47806,0,1,7da0bb8e7fc9c3b1d389ccbc624a09ba22b5eddfdda079b80b993589f773a85c,2024-10-04T13:50:43.727000 +CVE-2024-47807,0,1,6f73fcbd170bbcb4214e07d010ddde34567b580923105f0e5418ba9615969635,2024-10-04T13:50:43.727000 CVE-2024-4781,0,0,75b4bbbeaedf32c6df964ae89a5896455d04ecbdf24f849877528cd42d17cfaf,2024-08-19T13:00:23.117000 CVE-2024-4782,0,0,37dcdb14f7d23ae467b62646ac8eb504448e2a7781e3c175892c72dc54d3aebf,2024-08-19T13:00:23.117000 CVE-2024-4783,0,0,413c0436e6758a988a0c847533b21e34b17a9d936626eba8cda1a5d1f87e0181,2024-05-24T01:15:30.977000 CVE-2024-4784,0,0,4cc2a5a387e2d44a289947f3cae3cd294fd9977dc8f62a4a2754567f4ad78544,2024-08-23T16:59:30.430000 CVE-2024-4785,0,0,86459565331431d4effe5c5baf904159b952a2a7d490db9da0fcd3795764e799,2024-08-20T15:44:20.567000 -CVE-2024-47850,0,0,5cfa949a2f348d42209a7ad3229b3dfd8e701c71f62b530011920d6cc2b47a69,2024-10-04T05:15:11.243000 -CVE-2024-47854,0,0,8ada47c8e41eb3ba9174f6b1435ebc115a61393d1f9e0638f68136c31d9e2c64,2024-10-04T06:15:03.027000 -CVE-2024-47855,0,0,61e282832f73281829ef7583678470d096ee6a7f581cbce86a225d728613c584,2024-10-04T06:15:04.093000 +CVE-2024-47850,0,1,39f7eb5acfa5926ae9180d9c76109b294c264e1eb61a144242ffb5aac9848b8e,2024-10-04T13:50:43.727000 +CVE-2024-47854,0,1,49d2ff5f872bf97be36179db2ff9e4fbf51aef335df0b5e21b4774e5fd43bf87,2024-10-04T13:50:43.727000 +CVE-2024-47855,0,1,ff52cc8efd16010ace1ca5c24f7c166f3d1a0b5862371f0cb96dbe810ee6ad58,2024-10-04T13:50:43.727000 CVE-2024-4786,0,0,bbc8c5b9b549878acd4ee1e5896d7add0ba995b55e84e619083dd37cca26f8f1,2024-07-29T14:12:08.783000 CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f45,2024-06-20T12:44:01.637000 CVE-2024-4788,0,0,036e4ce9e476328c73022572d41365684f416f1f77ea3a1f5e72bdd2454ce2ec,2024-08-05T20:23:52.467000 @@ -261924,7 +261933,7 @@ CVE-2024-5799,0,0,7dd7f7ea5b6fee89dd0eb91dacd880561304ae591d99359107b4e3e905c13d CVE-2024-5800,0,0,a1cb578d92a5ce21abf5c6c3a9df30d0f15dec959b83eaaecf5cab603de30571,2024-08-12T13:41:36.517000 CVE-2024-5801,0,0,668584c28d68f34806b15aa23a003fb18ba18cb7fb2d24326345f03f0e3dd0a3,2024-08-12T13:41:36.517000 CVE-2024-5802,0,0,71daebe4bec626c1d71de5756a51cb35bdbb0ec81769b121e428d7e1cc0f8395,2024-07-12T15:20:14.610000 -CVE-2024-5803,0,0,f9a58c1ae7f8f547401f8d3f312040c3a2c345231f4deeb852da86c798cfc58c,2024-10-03T15:15:15.310000 +CVE-2024-5803,0,1,1cc806b115fefcea649cf7f98e949fac31d5f2707f647bdc6896b1097b3dabd7,2024-10-04T13:50:43.727000 CVE-2024-5804,0,0,944c60e3868cb88abd10c74562e980fee4d055c47351e0f84fb7de6b37f889be,2024-07-22T13:00:53.287000 CVE-2024-5805,0,0,c6bd0a254f95da4bac1aa9af34b5a1c8bce84a0c9ec724d2acad9f30a83ad74c,2024-08-20T13:37:58.923000 CVE-2024-5806,0,0,91588fb1cdb8115c3da665d3d031e599ad42ef712f85a57d764591dd0370421d,2024-06-26T00:15:11.293000 @@ -261974,7 +261983,7 @@ CVE-2024-5852,0,0,17ae123c3ebaa5002b861453d278a4e3499e2a8a6baca11a20783ec79d4cdc CVE-2024-5853,0,0,fce39775d007fbc741a3f2bc4fb52875073a382bd362c86e3cd6e44d0a9e6207,2024-06-20T12:44:01.637000 CVE-2024-5855,0,0,470fd388735694b7759ccf5036e6a18639fe074b164bc2d2da9695a799e80c03,2024-07-09T18:19:14.047000 CVE-2024-5856,0,0,6c7682487972a7913d7724c221dec1f8cbbbfbf7a2635cc868862316d948dc72,2024-07-09T18:19:14.047000 -CVE-2024-5857,0,0,243e2e7cd140b83f0eace27300de2d0bf59589d3486cd2910833ffeb01643266,2024-08-29T13:25:27.537000 +CVE-2024-5857,0,1,bfca6e1985d62bacfaa23f2fa5969b9d959e9f6d7baf8de664ab5abd7010848c,2024-10-04T12:59:27.290000 CVE-2024-5858,0,0,63cb7f6cd58686ca5ad3c57990888086a18b2814d4915e424991a00332eb64f9,2024-06-17T12:42:04.623000 CVE-2024-5859,0,0,72e4b113c686d9a3109f00890cd02d7c66daeaf956171b1cfade7c196becbe2c,2024-06-24T19:21:07.943000 CVE-2024-5860,0,0,56b79e1c6d22cf1e6319b4d2696b988928a56f1c09b2a292e92b44a530d0359a,2024-07-05T13:52:14.463000 @@ -262000,7 +262009,7 @@ CVE-2024-5885,0,0,dcdbec1e5ab1fdbf77f5f1b7e765973fbf7491d04e03a7c4b99d66ab0997c5 CVE-2024-5886,0,0,c6e7cb024adb68ffe24a326928e4d7c782b39c0023921bf84bad462101dad3b7,2024-06-20T11:15:56.580000 CVE-2024-5887,0,0,9566859cf83ab696aed1d992c858295b1ee73a5dd4c0fa67df0787b71b1dba0d,2024-07-17T12:15:02.013000 CVE-2024-5889,0,0,fbcff794637f48a8b78c74fdd2956f49b1e81babb06e13aa124ccff6d03acd89,2024-08-01T16:50:43.603000 -CVE-2024-5891,0,0,4d9cd93b68932b30ddd69cc20e3e90ab887e47d7f9f9ea7deccb68099c9f8e76,2024-09-26T14:45:01.307000 +CVE-2024-5891,0,1,a1103d3c594e6c6c8995aad9b94775b3d253fc3aed0174490e511fc908219bb6,2024-10-04T12:32:13.813000 CVE-2024-5892,0,0,c827287e71db613eefb73da2ddb327e45b7bab6b508053dda1226986578187ad,2024-06-13T18:36:09.013000 CVE-2024-5893,0,0,78ef67dfe3790c320a0f9ba1a7349940f70da93d76f5f0750d1f242e1c8acc0a,2024-08-14T14:02:14.170000 CVE-2024-5894,0,0,2ca8d7bc4f289327e2cc7549cb6900713929f3b52dcc0a719c523dd433b7a91c,2024-08-14T14:05:24.070000 @@ -262079,7 +262088,7 @@ CVE-2024-5981,0,0,ef1af743cedf4b6b2a243e8210155140211219a91ac8483d52ff9c2f041ab6 CVE-2024-5983,0,0,e453627058811c95a94483155fc84de41a398cc957b204d5491729f060f018a7,2024-07-24T02:39:24.200000 CVE-2024-5984,0,0,89f42ffe1afdcb4773f46da639d99adec4fd2f40289999f555344358fcd06ab2,2024-07-24T02:37:30.717000 CVE-2024-5985,0,0,4b7f0c13c1d049ea5b2816f8e8132ec8aee9a2fb74d5d00bf96c05e553a08b22,2024-07-24T02:34:43.900000 -CVE-2024-5987,0,0,80b95041335e9c6c0cba79b97b2237a77b412b6b9e4ce7d678d97adc1c3af521,2024-08-29T13:25:27.537000 +CVE-2024-5987,0,1,9f5d4d598ba538a4bc39761ebde8ef687245a63d4b07ae44ec59749beeebe32e,2024-10-04T12:56:47.997000 CVE-2024-5988,0,0,7d5e21f2246cb887caea04ab5932ae9084dbb2197bf94e4f89acc00a5f33cee9,2024-09-16T12:07:20.767000 CVE-2024-5989,0,0,dfd3cc5d0cecb773f338d5d550b90f0da986feaa9901700c9172dabb85cfbdc0,2024-09-16T12:08:03.447000 CVE-2024-5990,0,0,74b820888dc43d4b3514a3bc2da36badf33f6d5fcb5914b2d81537c9a36b892f,2024-09-16T11:58:38.363000 @@ -262134,7 +262143,7 @@ CVE-2024-6046,0,0,7dad2a883b5a6da9c2e106a85fbceea037db3e317153d640ef723443f1cc06 CVE-2024-6047,0,0,85682382a3873811b400f354140b032b3237064163e98177d5be59d88a26c9c1,2024-08-01T22:15:39.020000 CVE-2024-6048,0,0,c67416098261daba4fbb7cd933140c3939f890be764cfd8ea2022f29e8208654,2024-06-17T12:42:04.623000 CVE-2024-6050,0,0,977e3c1d954bb2d407afb4f807be75a02157bd9cd72111a32e132ff13e7f9262,2024-08-15T17:21:21.920000 -CVE-2024-6051,0,0,39393e293c6f3fb8ea07035e5bacb8f4320a88b440b3db66b904ff2903a9ff77,2024-09-30T13:15:02.800000 +CVE-2024-6051,0,1,9740107b5da610f5b7276dc508ceaf0014cb04cfa38f8de362bc7a6604390684,2024-10-04T13:51:25.567000 CVE-2024-6052,0,0,32d564c18d4d17b199f574c28ffe31c1fb3d7a1b6f6859f56e252f37a5a22c28,2024-09-16T14:15:13.410000 CVE-2024-6053,0,0,bad8fea9e1557f6e3942b82b20978ade64544c8438a72e97ebb03355ea705f3f,2024-09-19T17:22:36.697000 CVE-2024-6054,0,0,dbd3e49036b5938301871d5a6c67ee17ba89370e3288082b00ca89a51a1f06ed,2024-06-28T13:11:58.810000 @@ -262405,7 +262414,7 @@ CVE-2024-6355,0,0,7f4c7fb5a41a7b4cf241f6b370777bf2a8cf0ede73cf75d47093e841c71a69 CVE-2024-6357,0,0,d17a8b9a4a9bc17bd90a79ef1b2a022c26416b8ede91adaf116bd0fc1d0de886,2024-08-19T17:23:16.973000 CVE-2024-6358,0,0,3e184968ad38f7e6dfc49915eadebc5cb02badfeeeea523a574397eb20c849cc,2024-08-19T17:31:29.647000 CVE-2024-6359,0,0,093dea73109d9b2f23d9e6885d4ebbb2b84fce28b7a075a363fc879a286259cb,2024-08-19T17:30:31.880000 -CVE-2024-6360,0,0,a6ef0453763d95703475c0dd0195f8c2e77e9db2febc3a4a627687c5fe42e38d,2024-10-02T16:15:11.103000 +CVE-2024-6360,0,1,f58949cf730e66f18f3f34781a76cb26c3947956180cadebe5c683f3e688d449,2024-10-04T13:50:43.727000 CVE-2024-6361,0,0,a3e4bbdd0f4905fca66747fb0442673a0924c1ae81b12b0ea7c60a6803fd61d3,2024-08-28T18:17:35.497000 CVE-2024-6362,0,0,aeb770c7b39ef36db7bd4a49056b449aeba256942be50c6b83f329d15f15257d,2024-08-01T14:00:20.147000 CVE-2024-6363,0,0,455979652b8642d7eb5b747949e6f02be3f028b83d7cfc357521a34bb9d7438e,2024-08-01T17:00:53.130000 @@ -262441,6 +262450,7 @@ CVE-2024-6395,0,0,8949d2f54703284d3b545906a65282811d0c7a0bd7bd2d1ca2dc3e2d333d4c CVE-2024-6396,0,0,9e4b547b4d90c33704c90a7cfe67a136b4a49a6d0168d4ba570b6960a74fd1cc,2024-07-12T12:49:07.030000 CVE-2024-6397,0,0,69c6adc6e74f8320b438655fc21122936f7ec03e924b3cf51bf011308451b2af,2024-07-12T17:02:56.110000 CVE-2024-6398,0,0,5e78ff46f697643e5cc753102552fe7954080f3b71babda50e4591659f0fb988,2024-07-19T18:25:44.247000 +CVE-2024-6400,1,1,b12e51918d3fac611abb41581f64ff5897a57eb001a6dc3289eb9762196ba005,2024-10-04T13:50:43.727000 CVE-2024-6401,0,0,75f35c467a7667b8ee07e8ffaab5805a621ce217810e5427bec74047890dc99b,2024-09-20T17:07:55.740000 CVE-2024-6402,0,0,2dbb843b8ac3a7858f42e0a7205d0fe42cc4e1a6d0db6e5033a007b00a2a1ef3,2024-08-30T21:08:54.327000 CVE-2024-6403,0,0,9d6874f85ed8785db48c417cc57cf1b425db80cf3f43ac931de3a37049d75945,2024-08-30T21:08:04.557000 @@ -262475,9 +262485,9 @@ CVE-2024-6438,0,0,dda5c3ef0b29175f6296e0b89d7c12c3e07fe51c2f0cc30ea59ffede8f2663 CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a09a,2024-07-02T17:58:39.773000 CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000 CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c2118,2024-07-02T17:44:45.700000 -CVE-2024-6442,0,0,c447fd21cd44a9b02f2817edf5de524deb3d008389cb0d42f60bb389c591a4b3,2024-10-04T06:15:04.370000 -CVE-2024-6443,0,0,d08394e0070894131819b9a5154ca9752eb7170874299ab3437aeb40ef47ddf5,2024-10-04T06:15:05.160000 -CVE-2024-6444,0,0,4707fe42307561d9c9157bd0f99f783e8c32216a0a7ebc01cf806124e2433bf5,2024-10-04T07:15:02.877000 +CVE-2024-6442,0,1,9c7a03186b45510e4939cf2e764b5b80238aa4f7cc9afa3a78f423db731157b9,2024-10-04T13:50:43.727000 +CVE-2024-6443,0,1,4e6b0fe4059bb5ecd8ac3df1a83f32cede722c6321e038a24d1c8747eeecbd13,2024-10-04T13:50:43.727000 +CVE-2024-6444,0,1,426e5ebc3ff6079b12c546567d5ec063ff859edfdb7814539da7b9519506d9bc,2024-10-04T13:50:43.727000 CVE-2024-6445,0,0,d4bd07ae9eba462d90eb79dcc7204c56bd4679ce8063eb2ebe32db5f30ce9fc7,2024-09-12T16:14:51.480000 CVE-2024-6446,0,0,40ba33596a31d7c54c56d318bcab067473a99b16234df2e24accf4e6227c9e31,2024-09-14T15:17:11.720000 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 @@ -263148,7 +263158,7 @@ CVE-2024-7311,0,0,b37b59792dd58cee524c8ffe58ffad74a44a459beeecd4500b7db56eb7cdda CVE-2024-7312,0,0,dc3f367e0f0a86ec8a8ee4af9b89c7ef895e4bddfa2b420824b06225d6049fc1,2024-09-13T16:27:50.577000 CVE-2024-7313,0,0,d7b0f37e48710e5f5a7b78ed26ce477c46ecddb143fdd8dc8ca6d6152120ce70,2024-08-26T18:35:13.207000 CVE-2024-7314,0,0,64aaecd133deeb35ae51feed7f4d71099832a2945a1861cec1e5be771eb8caf9,2024-09-17T15:45:01.970000 -CVE-2024-7315,0,0,b057ae02c6cc52cf777ade7c122b7553edb576e1de9f895eb67f853c43c86693,2024-10-02T17:35:18.430000 +CVE-2024-7315,0,1,4dd3ca2ac679da492124ce5590c090ad17a93d64696dae4628c710dd311ef4dc,2024-10-04T13:50:43.727000 CVE-2024-7317,0,0,d290990c88ffba5acfc4fa1e36f444dec67bc90a1513331480ff821c55d2a98f,2024-08-06T16:30:24.547000 CVE-2024-7318,0,0,3b07c549e5fb2dfd376a8d14b85e9bdf6d56cc8a33e82cf1a53a16bb45702ca6,2024-09-20T16:02:06.977000 CVE-2024-7319,0,0,91324dd5cce8fc33151e2efd0732f449f761808f1b2abe94f46ca69302c16039,2024-09-24T17:00:00.917000 @@ -263172,7 +263182,7 @@ CVE-2024-7337,0,0,bb4e29754f24508ee03646d09f02a9e9792b2bdc0b40ad3f742f7daf359e30 CVE-2024-7338,0,0,40f9236687cb1fba08bae47e5bce5fdf8596baa7faf10b9e6c7a335576e73829,2024-08-09T14:51:45.677000 CVE-2024-7339,0,0,57ec1e872e2326d7636a6cda3d278abfe9440d76240320c6c9e4335e8a941603,2024-08-23T16:53:31.643000 CVE-2024-7340,0,0,a3f98c82759b3c1463da2160a8c456e9c18de4cdd89227049824622069589bfd,2024-08-01T14:01:07.677000 -CVE-2024-7341,0,0,e541d86bef75d249a473e3a6d76df0a261d9b354e35506feb8ea2573c0ec8274,2024-09-20T15:53:28.537000 +CVE-2024-7341,0,1,25486e0c62a073cedc2875fa674c65d8d7b971980408cb946009bfaf8f227166,2024-10-04T12:48:43.523000 CVE-2024-7342,0,0,92ad1e6857e9b0cace198602fda8e3b1ec6edbf7f40f7b078718810def4495b5,2024-08-15T18:40:22.537000 CVE-2024-7343,0,0,b6b73fa45089899a04dcf5d8ab6e4cd843be4b35e1b528d7d577722e09cd2c25,2024-08-15T18:40:52.707000 CVE-2024-7345,0,0,c89352b78a1b7efddda76024ace56eb1677600f94378ef8d33d34c3c91ac1800,2024-09-05T14:11:00.493000 @@ -263244,9 +263254,9 @@ CVE-2024-7423,0,0,683032207cd0b1b10abe49d0a408feb34a406022ce5c9940510e7ae64734c4 CVE-2024-7426,0,0,6a71007700c4116b380e5f6e6a7f1695f7459185616f96253328245521427764,2024-09-30T14:17:51.317000 CVE-2024-7427,0,0,db7ee0ecad2784af038bf44c17fdbe281451988802f60a362e8cf5f513055a51,2024-08-23T18:46:31.730000 CVE-2024-7428,0,0,6dbc394d0d800a640022319856b0e52c143a4490c0eebfb1fe7dd2cce04fb45f,2024-08-23T18:46:31.730000 -CVE-2024-7432,0,0,e8c6980a5de949268c22b41f4a294a2122522b07700201e933a89167a22f2bf2,2024-10-01T08:15:02.453000 -CVE-2024-7433,0,0,1f36438e32a329d426ce3b1a344fd708160f730e4dd49f098610bf45f4b8ee41,2024-10-01T08:15:02.727000 -CVE-2024-7434,0,0,637194103f3b7db513b02082bb024dbbfefe9f606ab31523040243a3a42a17b6,2024-10-01T08:15:02.943000 +CVE-2024-7432,0,1,06ce9c1cbd8443e59c80d69c50990173994e92cd340505bacc0020ac005b3ca0,2024-10-04T13:51:25.567000 +CVE-2024-7433,0,1,88cc22c884af0a011e39ba6cefd1774b370a9f1a083127fd4a7e7b453c6c4431,2024-10-04T13:51:25.567000 +CVE-2024-7434,0,1,146e57103ba15fea35b0d41b1c4675678835d36f1618fb7bf108dc690f2ab2db,2024-10-04T13:51:25.567000 CVE-2024-7435,0,0,66fc1a447d06c1e8d0a9056fadb7b0070b6d69677ecdcc565c829d3d11041847,2024-09-03T12:59:02.453000 CVE-2024-7436,0,0,77bc4c95d4063144d84cdea1af238ebd00099087f7001defb370c91c51096e64,2024-09-11T14:41:56.753000 CVE-2024-7437,0,0,246b693ce6552391d868b958ff9b746dcace18b15d81fb9e08c275fb53819b64,2024-09-11T14:39:10.557000 @@ -263345,7 +263355,7 @@ CVE-2024-7552,0,0,811aa90d2d18bb406f73befc3765a8f78539782307b57a4dcd481925c3ed1f CVE-2024-7553,0,0,a003128917872942bd112101b4a09fecd49ec3896a9f8c6e71229fee4c654d46,2024-09-19T20:46:04.103000 CVE-2024-7554,0,0,dfc64307827dd001a7e870992bca03e6a424d33d4584f122a641b15fec5c52ce,2024-08-29T15:42:13.387000 CVE-2024-7557,0,0,ae8c41f4adb3726b27116f90c8ab746ad0ea79736dd5450dde42c0320a002e78,2024-09-18T07:15:04.293000 -CVE-2024-7558,0,0,11c6de56dbfc72772f7cbf5e9240e832f16091e1881284151bdf2cb389ca88c1,2024-10-02T11:15:11.460000 +CVE-2024-7558,0,1,08ae42b12eeb77be4e9fb784c0ceb665a7bd3a7d4edfe6364486a611f525ef8e,2024-10-04T13:50:43.727000 CVE-2024-7559,0,0,4dc25ec2b0f2eec8919ecc81f209446d933d662f72b02d2630c82c602d53e698,2024-08-23T16:18:28.547000 CVE-2024-7560,0,0,69bf0d3c1d2353061d3a66813d4df2a8a02417391648b6018a10fb1d777785c6,2024-08-08T13:04:18.753000 CVE-2024-7561,0,0,4f145ac8bff9e09f18481f098864cf0c68d07bfaa0facd60438519477eaf9cd1,2024-08-08T13:04:18.753000 @@ -263438,12 +263448,12 @@ CVE-2024-7666,0,0,f2b68bf84cf12b2e705532346f5fbf721aa3efb262803a62f88c0fa80fee64 CVE-2024-7667,0,0,13abd3aa97c12513e674c572fc5b43340a56fdaed1eb7d49228ca6bc7d71fe38,2024-08-15T18:02:40.753000 CVE-2024-7668,0,0,7fa4ff2ff2decc6801e955c109bbbe309fcdc48f3d34f4136c5c1f4e1d8b57e6,2024-08-15T18:03:27.230000 CVE-2024-7669,0,0,1ab8d834092c7284d64294dd9869665d57807a9389d554f2c75360b402163967,2024-08-15T18:04:10.683000 -CVE-2024-7670,0,0,c40d457f659d3dfd0d7567289bb7d39ddfa7dcb9977221f88bb5c507efff8f9a,2024-09-30T21:15:03.680000 -CVE-2024-7671,0,0,5d39785fa043646c1a5f5e96d1b220a07bc1f44b504d4c3b3d379b45620d5ca1,2024-09-30T21:15:03.890000 -CVE-2024-7672,0,0,5fb771d53a3ba9fd0890bbf161d702a470e215e48c41637eb155ca21e92a85e1,2024-09-30T21:15:04.070000 -CVE-2024-7673,0,0,c4ad0353e7520c4ef354c257166d9cb7bb511709eb550263589f0c3688b3d92f,2024-09-30T21:15:04.250000 -CVE-2024-7674,0,0,d1f4943edec6d0079485c52c46bbd3715dd33d4b295e1f757c9c9bcbf560994b,2024-09-30T21:15:04.430000 -CVE-2024-7675,0,0,9e77de14127c4a77f748e225671213068c96431c6ccd3a9ed9247842e3e79188,2024-09-30T21:15:04.613000 +CVE-2024-7670,0,1,cd87e8f158caa12f968cbb52701b2933b9771db27262822058b9131bb957a673,2024-10-04T13:51:25.567000 +CVE-2024-7671,0,1,e462a8c5c4871dabd50e62a42707ba67156ec552bad8aca5603f1bbbf601e869,2024-10-04T13:51:25.567000 +CVE-2024-7672,0,1,c3caa37407afa799da56079ce76d9994a56bc0832994d3c20efd9944fdb3f079,2024-10-04T13:51:25.567000 +CVE-2024-7673,0,1,9104a2b492178df675069eb9ef5a32e757e12bc6dc40777eff773bd3cf7dd89e,2024-10-04T13:51:25.567000 +CVE-2024-7674,0,1,8b4f83b20dacc3ed9e3aa86615dcca74ceb5a6545b725ac18c6cbb99fcc7b67d,2024-10-04T13:51:25.567000 +CVE-2024-7675,0,1,d79a2eb9d96f76751f07f9ecd63b06da5689bfb05aa83328eaf03f14137dbb84,2024-10-04T13:51:25.567000 CVE-2024-7676,0,0,7817fdd5f2edbb492448eb9de4bc52ee9c1fd35a5b97e69f44935e966a3aaa34,2024-08-15T18:05:17.853000 CVE-2024-7677,0,0,619a29b11672f1d6182de3fe0ed62cac67fac40890fa3659f2ed393ccafc6a23,2024-08-15T18:06:06.680000 CVE-2024-7678,0,0,7a80ac621ece570be5503c7435c87b024e4d34454346340a478740f49f03181a,2024-08-15T18:06:54.127000 @@ -263553,9 +263563,9 @@ CVE-2024-7818,0,0,a8a60252768c6bfc8071e3d171ec5ea550be85793d142018d723cdcbb9fdc2 CVE-2024-7820,0,0,c0453860ab9b7e75523d5974f7f62d77644e4cfdd4c296287f5b328e58fa219d,2024-09-27T18:08:48.757000 CVE-2024-7821,0,0,a6cbf4229b3ac9caad2c13358d94e9d25b2f946f0353199ff2ed2717953ff2a4,2024-09-04T10:15:03.553000 CVE-2024-7822,0,0,3e66fd0a5154ef0743417ad63783b1476c2b8be2ef3918498eb762e4c9c4ec06,2024-09-27T18:06:41.287000 -CVE-2024-7824,0,0,373b817c69c1f44ac069dfebf3f1bb49ad0f86b805ab43b22f3b19b3dcac4174,2024-10-03T17:15:14.913000 -CVE-2024-7825,0,0,df0a869eb20eb2e0cf22652189b4d8d94c003cd89c6ed9bc65d1617e5b2872d7,2024-10-03T17:15:15.060000 -CVE-2024-7826,0,0,74519d83d6dad59fe372b72fb14b2e766a5c70f820dc4c4ac77b1894d3afafef,2024-10-03T17:15:15.180000 +CVE-2024-7824,0,1,65a37170b4c0ed95943760d100bd8bd4b9e5d04bfbbd82b27d53ab77e1e9a6b1,2024-10-04T13:50:43.727000 +CVE-2024-7825,0,1,4eb48b14b35fcf709ed9043fbef5b298b9ff1733e6453eac75650831ee630967,2024-10-04T13:50:43.727000 +CVE-2024-7826,0,1,6a8818f845315932c58e1c22419805694fc419d2ce621c4613105bb134d69426,2024-10-04T13:50:43.727000 CVE-2024-7827,0,0,20afe3aa4a313fb97b1d97a1cbf5257a0701f273bd3d99d4148b86bfbef51981,2024-08-20T15:44:20.567000 CVE-2024-7828,0,0,e3115575bb7dae7cb27cdf5edd1f5d03fa0744cba105509a33368f4e132d9ca7,2024-08-19T18:33:17.583000 CVE-2024-7829,0,0,3634da4931045efa2221e4dd20ed9805c5f347e47423b6602d3467d4b2db62e9,2024-08-19T18:34:00.040000 @@ -263581,7 +263591,7 @@ CVE-2024-7851,0,0,59aa43af6902d4a788d7da1730827e642c78bd3a9a790eb7c6cdc9cf8851f0 CVE-2024-7852,0,0,cfaf6efee3831acfddb66b2453fc175105bb415bea9978d14cd59ad6f5b30e0e,2024-08-29T15:23:16.160000 CVE-2024-7853,0,0,90e064ba16388d2c255ea61f6d50069bab92e333b7116c2e5b296230c0d5372d,2024-08-29T15:22:52.710000 CVE-2024-7854,0,0,aba539cc6b053a0969fb9c545d61b200c22ae8ea4b03c24dce9c6e90a428e01f,2024-09-27T17:27:56.723000 -CVE-2024-7855,0,0,9ef8ad24bc421f37353c4d64435b1490bad1848a4c815862327f32bc10f2c85c,2024-10-02T05:15:11.843000 +CVE-2024-7855,0,1,7c1810abab6538884ed3a8284e7ef207f6a88b19a3ad1aaad55dba8cdf4efe85,2024-10-04T13:50:43.727000 CVE-2024-7856,0,0,0b05d57dab8dba6cdf2a128a5ea955132a0df5f7068b3f603d90db91d8053f54,2024-09-13T18:14:47.280000 CVE-2024-7857,0,0,b74961afa7dd10dda782bf64e146bf5117eb37327cdce5dd6f430c037eea52b1,2024-08-29T13:25:27.537000 CVE-2024-7858,0,0,dbe22e1f02da632a108fdb9c096b7008488e7f6cd1024c2ca6a33d2456cc067c,2024-09-03T14:34:09.017000 @@ -263594,7 +263604,7 @@ CVE-2024-7864,0,0,8cb55f9c6813f7ebb3e411de07404fd2812a548c1112fcc9ece6be38f8f1e9 CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000 CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a3b,2024-08-28T21:59:33.973000 CVE-2024-7868,0,0,c4ea1bb97a13baa8d231995b3d29c0db15f328b428d9b25a1a7a0b4c8b9c1d1a,2024-09-11T12:40:01.817000 -CVE-2024-7869,0,0,45609c63caff2a26adcc7ef2195d5ac5e058ebc9157c26bc66abdd8f75364a4a,2024-10-01T08:15:03.167000 +CVE-2024-7869,0,1,82563860e96b853488a742e0621cb13c9d5e162d563b05569e214e530009e5d5,2024-10-04T13:51:25.567000 CVE-2024-7870,0,0,4141f264a23149fdea486ca620816f1c3f41138cabf6c23297e955fee3254fb2,2024-09-04T13:05:36.067000 CVE-2024-7871,0,0,d47ede6ca23d1578a9b705a8257da890832c1e69392e6414a190c6fb054ce14f,2024-09-04T17:34:14.630000 CVE-2024-7873,0,0,206d8282726d748a6a41b367b674a966213f9d6e3053dc261b740ef29ffe8ab7,2024-09-20T12:30:51.220000 @@ -263705,8 +263715,8 @@ CVE-2024-8030,0,0,b6f55198da4c8a890918e236b9cb91502d6b60f60aed340690526a7aff836e CVE-2024-8033,0,0,bc1d961345030012faa7942ae80f05081f947cf441680ad49c3fcb3512e2fcdc,2024-08-27T19:39:04.953000 CVE-2024-8034,0,0,990fb53670bf6f787a3d54c0392722fc0a67a939e8056c22142bc6f2bee92a38,2024-08-22T17:35:30.003000 CVE-2024-8035,0,0,e11fe8c378f080395f404658baee2e1c5cd70ef826bdf0b13fe46f85c653ad4a,2024-08-22T17:33:37.407000 -CVE-2024-8037,0,0,e300f7e911d33fc923907f98e557710e23f63422aa7b5ed576c3efd1cfb681ac,2024-10-02T11:15:11.690000 -CVE-2024-8038,0,0,ff7735c7ee92165792186d2c4c552f34bc7de903db5192d931877fce9ca59087,2024-10-02T11:15:11.853000 +CVE-2024-8037,0,1,ad453071137fae9bcec080d9b16736ac997e7f592728683f801a0fad0292f9ca,2024-10-04T13:50:43.727000 +CVE-2024-8038,0,1,57ce29f0b3931b72a63ae8ef2369330769f4bf264a0163aeabfd65f65e14fa82,2024-10-04T13:50:43.727000 CVE-2024-8039,0,0,75dd15cbf64fe4bb3f25b4e678f58a350c7ac0d4791106998aa5586c640f03c8,2024-09-17T02:35:59.503000 CVE-2024-8041,0,0,d1a08eb64fa9104259a4b82950c39baccb3cd8ac76a0f9fe28938628a6898399,2024-09-11T16:54:10.997000 CVE-2024-8042,0,0,e4aa4e1a36a07a1eb78e15d1333e45b76f368de2e361b8c314d2f7b5ac3ec00f,2024-09-17T17:25:02.330000 @@ -263748,7 +263758,7 @@ CVE-2024-8103,0,0,77d380cca7da7a9ea520d1266aaf7f8f8fa25bf0cd8d701002339aafa2f0f3 CVE-2024-8104,0,0,e0dd7af2b8170ad0cb122178cc67d0512cc1eb1562d671a3c4e0173a78c8b550,2024-09-05T13:28:06.817000 CVE-2024-8105,0,0,fdab1a8bdde46d997c9a9800b483d676df23e449425d94531660960b3c42e376,2024-09-09T21:35:17.320000 CVE-2024-8106,0,0,918839130e1d38968c976a0bfdbedb93d4d38744e55b3c51d6882ceb90663b73,2024-09-05T13:05:52.540000 -CVE-2024-8107,0,0,788b47747c80bea0b0fc54cf26df2214d345b7e328d1fbd193f93f6f4f832fad,2024-10-01T07:15:06.263000 +CVE-2024-8107,0,1,b1bf7ed1156c0ba2bfe8d084bf99ae07427ca9074741d82735194e48352258ab,2024-10-04T13:51:25.567000 CVE-2024-8108,0,0,8f1cde3e4e080de95c0957ccbabc0a49f644f40a04612484228affb54375e534,2024-09-19T13:37:32.203000 CVE-2024-8110,0,0,35b29aa278bc186f939dacbb87981e7b3283cd41ccc0818c634be4d5c87818aa,2024-09-20T12:31:20.110000 CVE-2024-8112,0,0,68d19c324dfb08f42fbaae63f6c41217ad9d464e632ed1f450780261e0cb818a,2024-09-12T18:23:22.507000 @@ -263788,7 +263798,7 @@ CVE-2024-8153,0,0,69cd0592bf629221292de38c6438be13b3b81f232de24197a8eaf71ccdf025 CVE-2024-8154,0,0,fbb17f9dd590ac994870ad751b395ff693888a574100db6420d6e8a3b3d34acf,2024-08-26T19:06:34.983000 CVE-2024-8155,0,0,104526467feb0428b2a45114df171b7d6e09efac9bca1bd2f2048b3b33875369,2024-09-12T13:53:23.827000 CVE-2024-8158,0,0,33012ddebc769dbb05ad0933fa5ab17b9a29e8fda58104c3b0868628fb6c230f,2024-09-12T21:00:00.573000 -CVE-2024-8159,0,0,473c987879b9cc7b9cb2d6a604d46ed30dd37bcf81a005e92c3cb8324d905e0c,2024-10-03T06:15:10.297000 +CVE-2024-8159,0,1,187743c6b0677e5a77406a2f8244c876b899aabb1cac71216ceccd6d74ccce3c,2024-10-04T13:50:43.727000 CVE-2024-8161,0,0,b695c0171728397a80eb00146225c0169779aabf8de6c566aa00c71a077959b1,2024-08-26T12:47:20.187000 CVE-2024-8162,0,0,2f15be70d7b9e402b643053e8cc2849077cf4472f134c84060c0898ffb295f28,2024-08-27T14:28:46.927000 CVE-2024-8163,0,0,34076faaf51f1e489aa58346c56061ee9718b828b5ae0365e6c357cdf31c941d,2024-09-06T22:18:19.283000 @@ -263853,7 +263863,7 @@ CVE-2024-8247,0,0,fcbdec6a2008dfeaed8390f987d382af34f3ecfe1f1962e571c7da897df6ef CVE-2024-8250,0,0,9b93a65d8c7dcee06e07a2e2b390d716b51503d05b493ec48aa5a8756ae94b8c,2024-08-30T16:32:16.917000 CVE-2024-8252,0,0,36e1aa114a02ff2bf925a636a4ed4135ae0e6011078bf9fd8b3aff586823c205,2024-09-03T14:31:27.243000 CVE-2024-8253,0,0,538885466f07c28468f1d184c3fb77b594dc3a7e7631ea6be509e963086ff9ce,2024-09-25T19:42:31.943000 -CVE-2024-8254,0,0,07cb27d1ee420722e61945f6e00bb92f2652b00dd2252e1a7d511aca31734d7e,2024-10-02T07:15:03.033000 +CVE-2024-8254,0,1,a78f1e21ea0167ffb267ec08f912c4ce0b4cd3d41787eb68cbcfe7c4c7cf4d30,2024-10-04T13:50:43.727000 CVE-2024-8255,0,0,c6874ac38c80acc73ad7edcdfa1b6810f24be9f578842829800024511d128d5a,2024-09-06T22:53:34.187000 CVE-2024-8258,0,0,acf33ae8a1adec0534fb0ef526f8343ca036563113e584df48e051347d7f4bae,2024-09-27T18:56:41.140000 CVE-2024-8260,0,0,58ee93928fd92124dbf3bf24e885a2e8306c83787bcabfd7a73757f9785d81fb,2024-09-19T16:08:58.863000 @@ -263870,11 +263880,11 @@ CVE-2024-8278,0,0,fc32e2167ccf88370e539f3d055e0ff107942d544d0900ce5dc32eec47fdcd CVE-2024-8279,0,0,a7de1f6bcd7acd612433087dd62d700c55c2713edbe09e73822c3aefec563e44,2024-09-14T11:47:14.677000 CVE-2024-8280,0,0,ee8246d9e12854e999c4fc7d4ea10afbd0920ea1f9472e1c543327a9ae0730e7,2024-09-14T11:47:14.677000 CVE-2024-8281,0,0,6e64aec5696815efe009b246052ca974dfd6e9415a9b5d9826067281cc5ba11d,2024-09-14T11:47:14.677000 -CVE-2024-8282,0,0,c64c6d4ef2d51abcb890f7279cb9e9ab9cfc48e2b7d69b75bf03ba24a965203a,2024-10-02T10:15:04.537000 +CVE-2024-8282,0,1,a9f5ba460629fc25fe605033d8cc4ec6ef225d1a5eb46ad1388b958ac8eddaa8,2024-10-04T13:50:43.727000 CVE-2024-8283,0,0,6848a7e5ddaaf741f33ca91c04ab319f83aa3b131928c270403da97ddfd454fe,2024-10-01T14:35:04.310000 CVE-2024-8285,0,0,0dc7b9ae09e1cf8976e262dd1fffb8b648c33c9cca4195663b4b85ea560fc0be,2024-10-01T13:15:02.670000 CVE-2024-8287,0,0,a69e7cb2d3c0316abfeaff67da311f8b23d877ec163f8b4d2f35a96004b37bbb,2024-09-24T15:52:38.047000 -CVE-2024-8288,0,0,6cb904cd7e1f4abc1a8bdb293706226bea2d11c5ae05634444833f3b0c873d05,2024-10-01T09:15:02.850000 +CVE-2024-8288,0,1,2bd9aad2891bfd734853a2487d082e7e67f45b8f97ac04cf7de0c992dccc22f2,2024-10-04T13:51:25.567000 CVE-2024-8289,0,0,900bfbd861154484ed59254bdbec992d28a9742381ab830cf631e50b7fa985ab,2024-09-05T17:41:58.350000 CVE-2024-8290,0,0,8f09c7b104102035c818730d01c54361b18fe18db1cd94558d9f6939adc81cb2,2024-10-02T18:23:25.890000 CVE-2024-8291,0,0,bef998780f6620f6853e2fbe1c217978f29dbad19bd579536275bf3c982f8c1b,2024-09-30T15:59:11.073000 @@ -263898,7 +263908,7 @@ CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e2 CVE-2024-8320,0,0,67cff6908a40f6de0a5d55f45cee63784fe7b54f56159b5877dcd792142b0c2f,2024-09-12T21:51:58.960000 CVE-2024-8321,0,0,595129502821252825346a9a34e636ff1fd5806e1274bb50a0e529e9f41ab2d6,2024-09-12T21:53:22.677000 CVE-2024-8322,0,0,b55b95a67ef7974aa4139f663f04b216243350777f41a8ecf84d71c9fac2a097,2024-09-12T21:56:43.673000 -CVE-2024-8324,0,0,4fd8e5a587aad0782d1e2a2d777adbc10231fd0a1a8d2218f6d298b7dd04f412,2024-10-01T09:15:03.293000 +CVE-2024-8324,0,1,6518d473c1aa4b475f6dfda0657752435a4222117c73b6cdc744a1f3e192bfb0,2024-10-04T13:51:25.567000 CVE-2024-8325,0,0,6acbe28b7e23bada826026212a2fb1b0115adaa2c5e690e584f377990b0f6742,2024-09-04T13:05:36.067000 CVE-2024-8327,0,0,6596679653e59e232d9a636653bb7ef76ebcd0b7674f3704360634000a96dff3,2024-09-04T17:11:23.533000 CVE-2024-8328,0,0,108819f537a57d4b33892521031f4d00462659f72abf40066992dd6f06ea1545,2024-09-04T17:11:19.827000 @@ -263924,7 +263934,7 @@ CVE-2024-8347,0,0,14715b4855076c65c4bf21be6c68b62e0d22e8650a0e63bf9f5074414663f3 CVE-2024-8348,0,0,d08ea1deaed5cbc2f4a773e843468145326bb3a1da186780c7ff7b6cd74aae9b,2024-09-04T16:43:30.310000 CVE-2024-8349,0,0,c5156d79e59cd80a9f637ce807d739d5f9bbbaf01e3f3140af43137a484694a9,2024-10-02T16:50:09.673000 CVE-2024-8350,0,0,c0d58d04c994f4448c198b4f5c8008888aa77e46ed6f78c2de3ffb535372e657,2024-10-02T17:10:47.267000 -CVE-2024-8352,0,0,3dc26da011b3c13bcf945d6e5e5edc20e791684593bb7de0a83d3ceb59631497,2024-10-03T04:15:04.613000 +CVE-2024-8352,0,1,167d44a71d01339f72eda36595bf2ebc800f1f94cdaa9cd71f073a0d43bfb4ba,2024-10-04T13:50:43.727000 CVE-2024-8353,0,0,dcc35089fec5ab9bf27f5fe03523b4e62e247a4803b51263049a1132141d0f36,2024-10-01T14:31:21.430000 CVE-2024-8354,0,0,cccb2137017cf69831f7ecbf78dca654eaa8501214a295601783df83128f0494,2024-10-01T13:15:02.903000 CVE-2024-8362,0,0,54abf718b9bfba93199694e9f50bfa28d6dfde9a56fb3c77d91594ed8cbda92f,2024-09-04T14:35:16.777000 @@ -263970,10 +263980,10 @@ CVE-2024-8415,0,0,ab2184731c9f97a955dc07eba7cdff71ad9ccc33249e750d3db8dd063bdd30 CVE-2024-8416,0,0,135a04ecfe4373dd7e99d043d76128d31e33f9197f002be9000b3ee4a6fb8417,2024-09-06T16:38:44.053000 CVE-2024-8417,0,0,8580cbd844a53cf335c90d7b0b427ee4c081c6060c525d72a654406a58e7a040,2024-09-19T19:53:12.383000 CVE-2024-8418,0,0,45db7c5e32209561e336e52f972f2bde6e59f6364560666284054dcf874b8fe1,2024-09-17T20:15:06.710000 -CVE-2024-8421,0,0,baa012ceabfe4a98c027974c6cb50310b5e1c6dd28d23e9e37c50e0d90a41b43,2024-10-01T06:15:02.357000 +CVE-2024-8421,0,1,d73687c7a440fd8723ef6583db3c90a2a943a5b89a22a06b8eb401f91173afbd,2024-10-04T13:51:25.567000 CVE-2024-8427,0,0,57dcbf97b68dfdac544ef9faf52bed3587edeaacde16f067da96879677802837,2024-09-11T17:41:18.733000 CVE-2024-8428,0,0,224fe311bf12d06d4c690b8d9ea3bc4f42261bcb370dc3457883b86fb932f74d,2024-09-26T21:58:45.393000 -CVE-2024-8430,0,0,de3b67a4916feceb0eaac5d01380b94825ca04564095cedc02abe04981e18fc5,2024-10-01T09:15:03.790000 +CVE-2024-8430,0,1,55a9f0c318551ddd036fdf97a76cda9a73c7561d06c4df941f7c206a6547670b,2024-10-04T13:51:25.567000 CVE-2024-8432,0,0,8868d9b36bd238df6f75f7287d6bafac4ff3b898eed233d7b4ed5ce985d677d0,2024-09-27T12:58:58.433000 CVE-2024-8434,0,0,f17fd5eecfec4b6092d883a27ff9fa9dfcb00839b391edc337e18ff19734c460,2024-10-02T17:25:30.140000 CVE-2024-8436,0,0,0d153a053863f3621c53c1e26deb2ddde74385c0ccdd737c792b34eb9af883c1,2024-09-26T13:32:02.803000 @@ -264019,17 +264029,18 @@ CVE-2024-8484,0,0,f455d9eda6cfa730254e6d1c54e42895291597af75d213a155b8f2778e2c53 CVE-2024-8485,0,0,a23363c7e119dcd66690422c5888ab97f710d472d308cfeb1e931d4e39313163,2024-10-02T16:19:15.993000 CVE-2024-8490,0,0,5ff62dababbd8edfb72d0a97e4807df424b78f87491e2373479d6c84fbd14d32,2024-09-27T18:36:00.053000 CVE-2024-8497,0,0,903ccc83158de7417bc6f3ffdca83d1bf1fc40ad14228b01a3e1e063e242f9a9,2024-09-26T13:32:02.803000 +CVE-2024-8499,1,1,551fc12eb8cb4caa4e9bbd5dc03a7956334337857e6a71f0d5ccb7ec4fa77572,2024-10-04T13:50:43.727000 CVE-2024-8503,0,0,9f803200a857fcdb413b5557fdfb30066c33963fff9f6132df8887c5f7ded0b9,2024-09-11T16:26:11.920000 CVE-2024-8504,0,0,8357da8291f04353fac31874868f2eb40b31e26be1555ef771437bf9554e80e3,2024-09-12T14:35:23.173000 -CVE-2024-8505,0,0,f523d4eb904307eaa0864abec0a602e0d7186ebe8f875e54ca2fd1a1531786f8,2024-10-02T10:15:04.743000 -CVE-2024-8508,0,0,d4f71f402979723ff18a8c02588bc2d4a5f406b215830df2dc1af8c08faf5c5c,2024-10-03T17:15:15.323000 +CVE-2024-8505,0,1,6e516baf8a0cdb0778fca23a1cd05cc3d21df3678443ce1f0e71c247b8308c05,2024-10-04T13:50:43.727000 +CVE-2024-8508,0,1,095cff01fb00165e2108ed0a6b3f940edeffb7916515f1cc0f2ea48f2031a7c8,2024-10-04T13:50:43.727000 CVE-2024-8509,0,0,72b678ade46a23d1db65e1dfb65526568e7875d83752ef0a47b4a7edfeaf5ddf,2024-09-09T19:15:14.837000 CVE-2024-8514,0,0,c58a76f0057441ba23f8e2f32e326770fb9d4e75db425aee0ab9e343556d5997,2024-10-02T19:59:17.080000 CVE-2024-8515,0,0,2860d4fc2403ef731ebb5d2e3d51ef0155fe3387c99bac76ffcaa85980c8d253,2024-10-02T19:22:00.953000 CVE-2024-8516,0,0,4c7cc8475226568ec7dcbebdfbb30107ff8998ef4ef82c2cfacac984d895c7fe,2024-10-02T19:22:44.933000 CVE-2024-8517,0,0,ce937d4c0c27f8995dba93692196810f803407b9c7a2ce432d973aed0a5fc274,2024-09-18T18:05:03.553000 -CVE-2024-8519,0,0,b3ac8dbd204f935bf258a8e5a4285bc45cfebed71170697b708c1b9b45dc2d86,2024-10-04T05:15:11.433000 -CVE-2024-8520,0,0,5279cffdf25dddf26c689e73dc7ee6bab57c4bd872069dfd695adc7ffe99738e,2024-10-04T05:15:11.727000 +CVE-2024-8519,0,1,1aacd88d58f1107be56cf91e3e76096c2b7c27f5621315c82a8d3461470ecab4,2024-10-04T13:50:43.727000 +CVE-2024-8520,0,1,7cf4315df9ccbb9d7de97445c38498952340ac4ac8af3bb7f19c4434838f538b,2024-10-04T13:50:43.727000 CVE-2024-8521,0,0,65485edaf907369f60ded6330bfa86fc3cb4b0554a8f781a990c000b1998cccb,2024-09-09T13:03:38.303000 CVE-2024-8522,0,0,2ab431c4f2cf5ab967664e41dd1dc524f59071081def8323632354294bee4f38,2024-09-13T16:12:30.497000 CVE-2024-8523,0,0,97cab60ebb5ec07bfc3fbe69bde3146d8e6846c5d869fc10534b5a2c3c29806e,2024-09-09T13:03:38.303000 @@ -264041,7 +264052,7 @@ CVE-2024-8543,0,0,1827ebc325d7546f1e75a8e16ffad13bc42c9eac828d9fdcb95bbdde0c532b CVE-2024-8544,0,0,029a23631e96ee15c1045dd3fa22aca85d39405998de7d891aefcd30e632fd70,2024-09-27T12:57:21.617000 CVE-2024-8546,0,0,b9f8f0c879e1631762b6a7db32f84cdc2866de99652f087bf545ee5c24dd6de6,2024-10-02T18:56:40.703000 CVE-2024-8547,0,0,a5c726f624e35e2e38ae2311e7ed395da023cf1c888c1c750584ab5f9e849229,2024-10-01T14:32:43.330000 -CVE-2024-8548,0,0,cca495c452a8db9d34b67e92dde5b83e8275bbf017fdb41e2dc638aa49309d62,2024-10-01T08:15:03.400000 +CVE-2024-8548,0,1,79d6b79af13a38bbe8eb976675ec8fe70e73bfe199b20619eaaa02e33fc56380,2024-10-04T13:51:25.567000 CVE-2024-8549,0,0,9d15342b3eb4ac6ebd08188bbf5727cd19e2d1db961fed83db600a8a3150700d,2024-10-02T16:04:41.970000 CVE-2024-8552,0,0,ab7cb4c880b3ec4297f7ff802068bed1b689ce05b544a01cb748e0f63a229aea,2024-10-02T17:00:45.083000 CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000 @@ -264092,7 +264103,7 @@ CVE-2024-8624,0,0,1732629a73b0f7a73256425937c92b86f35ca441eabdeb398d592189eec066 CVE-2024-8628,0,0,eae51dc9330e4c3449bbbf5b2aafba06ad0db1b999ee8c88380618befb3102be,2024-09-26T16:42:16.700000 CVE-2024-8630,0,0,171e223312e05c108be17689ae4f899562cfc4dd591123d96527e97a9f5e9c7e,2024-09-30T12:45:57.823000 CVE-2024-8631,0,0,ec0f3e499204fe8b3096f23de4c15b4f57ab537964111dc6b7313fbad5d35ea5,2024-09-14T15:22:31.717000 -CVE-2024-8632,0,0,f172cc8ff5cb9fd95e95849b1f701d969353d04f602f42c70851f5333736bf3d,2024-10-01T08:15:03.610000 +CVE-2024-8632,0,1,e0cada97c6995cbb67fe42f80a349e37abe4361f782a8365fc38e88552a5da8f,2024-10-04T13:51:25.567000 CVE-2024-8633,0,0,11f9c1ab75a0acad9e38c7131ee0e717752f233463501613a3dd97a61fe47734,2024-10-01T14:17:43.700000 CVE-2024-8635,0,0,7a33169aa1c56166fecdf7f4d906662353a5e22f1362c34800f026c91df08470,2024-09-14T15:24:45.657000 CVE-2024-8636,0,0,0c59a94a620a4c5a9ca1b46d0e9c59ab3787ae337f0eaa0364c7e33937f31aa2,2024-09-13T14:35:08.313000 @@ -264123,7 +264134,7 @@ CVE-2024-8665,0,0,f6c99a5ec710565eecc74e7ed4fc9df52dc9e331e2cca577b8f47d511b3aa8 CVE-2024-8668,0,0,c353986416e0a4c46c78ecf60b727782bfce62870f6e122356299be7e7438e9c,2024-09-26T13:32:02.803000 CVE-2024-8669,0,0,a540528fa4f0bbb5defe17259c589787942e6df5d18ff3bf79d91bf53c9aac43,2024-09-27T16:08:15.487000 CVE-2024-8671,0,0,44eb9fc4ae83bda74c805da6c8f69132f0b0ddef607b7afc290779058022b5c0,2024-09-26T16:38:24.447000 -CVE-2024-8675,0,0,4e67a00d00eda6d3913dc1b843cec7abe2f647dde9eaf0f5b9e89fc8ca663b54,2024-10-01T08:15:03.820000 +CVE-2024-8675,0,1,0a13cc68010596bf1c90ba4332bda0b184424e4f46fdbd60b8270080d14a1a03,2024-10-04T13:51:25.567000 CVE-2024-8678,0,0,4b823977a9ffc10932161c4fd2e6fd149c78199fa23b7389b49b67f658769603,2024-10-02T19:06:48.983000 CVE-2024-8680,0,0,f92fa58a804f571c1e7bcf32a74c84f918657d6176f24d169d6d6fd1db54ec14,2024-09-27T13:53:47.910000 CVE-2024-8681,0,0,2484646e871f9b5ca6a59ede5b5ef399a66580b77d3877c591e127c40a1ace52,2024-09-30T12:46:20.237000 @@ -264152,17 +264163,17 @@ CVE-2024-8713,0,0,83e5cc73079f308b101a704f144a5b41b482803341d183db1c76abb1d6f85d CVE-2024-8714,0,0,2bf1d2039d26904f97b1e8fc522abe5916905f0e0d26ed18e01afb2d802fce13,2024-09-26T20:06:46.330000 CVE-2024-8715,0,0,f0a4fb777a1271394a60c2f9ce37f6ba7325c02d49be07fd888bdf4eaa659dd6,2024-10-01T14:37:08.807000 CVE-2024-8716,0,0,1bb41aeeebe4e896420adf3cdaff53e3d88a64a7e4d1f07d25f8bcb2da122bf8,2024-09-26T17:03:05.487000 -CVE-2024-8718,0,0,52332c777c4318a883c04078e91634a6ef8ae6a5900124887917d48dd5005b5e,2024-10-01T08:15:04.030000 -CVE-2024-8720,0,0,289b8fb0fc4d8050af052d36e1efbd05b6c287bfb2c648706b6f45f067f38dc4,2024-10-01T08:15:04.237000 +CVE-2024-8718,0,1,c97741d12130ad5ba2ed82c528ec11a1af21fad86435451da12c39cec028d14f,2024-10-04T13:51:25.567000 +CVE-2024-8720,0,1,2f0e821428fb20df24eeb1115d6165ec35266f54d9cfaa09a98cadbec3449fde,2024-10-04T13:51:25.567000 CVE-2024-8723,0,0,730229d7deadc7b514e5d898656fee12ba111958411cb7eec6e86089a429ce7e,2024-10-02T17:00:23.603000 CVE-2024-8724,0,0,41e3dd453fbe3c0072e7ab470e5d529ac122f059bb60a2be671564b989c49676,2024-09-27T15:56:00.073000 CVE-2024-8725,0,0,bda4a6515a704fa51f2d759f535270e57676d8c1b87d3a5cc5dc6f9e3d99ebf6,2024-10-01T14:16:42.727000 -CVE-2024-8727,0,0,dbb2d03b3a0ceaa8f4191f7e51c855a7d6e37cf9570fe18e85d885b4a36917be,2024-10-01T08:15:04.433000 -CVE-2024-8728,0,0,4c3b895218a9215bbba5cc18fc76f8f771ca28b92ff840e97f9e5836a58a2ef9,2024-10-01T08:15:04.637000 +CVE-2024-8727,0,1,cb79e2fb4f4e8ddff2e3cdbb1cbb30b7c8fce0689b3d497e10ebbff2e74dd2da,2024-10-04T13:51:25.567000 +CVE-2024-8728,0,1,d061a0a3e4a793bdc334c9b032908af2152405a24e9b06b2723d960e58ba5c92,2024-10-04T13:51:25.567000 CVE-2024-8730,0,0,ff380ede7d530472d7457d72280d0377e58fe499631b78029fd0dcbdd667a7f4,2024-09-26T19:58:33.353000 CVE-2024-8731,0,0,17c6adda5eb698d4c05886ce56b7c8d24eb85ac20af08445719f350b3f8c3e38,2024-09-26T19:43:33.110000 CVE-2024-8732,0,0,fdb5356750581bee2cd15ce9454648108e6d01424f144ebcf561e47c2245eaa8,2024-09-26T20:01:02.290000 -CVE-2024-8733,0,0,770a8911437b54ac66c4d18169732b252253438709c71e22985e8c79ad282ff6,2024-10-02T20:15:11.867000 +CVE-2024-8733,0,1,2ad75c4913be224ff75684fa724a275e53b709dc0d7f918cc99544f1d754539e,2024-10-04T13:50:43.727000 CVE-2024-8734,0,0,df9336f51fe9af5a1ddacc740bf3abe8991041c91d1f44bc6bec3f0ce7eaa8b2,2024-09-26T19:30:03.503000 CVE-2024-8737,0,0,a8f5a9ac08b3915d238b7b0f4fdae19f4d9de463f7b6e5257b850817c52f3420,2024-09-26T19:18:36.097000 CVE-2024-8738,0,0,8d7254f4f1af2919bab9c4b9c8e7ac85cdc1b41f46ed454e2ea854234d64d13d,2024-09-26T16:48:19.490000 @@ -264191,20 +264202,20 @@ CVE-2024-8780,0,0,390f3cd9aeaa4212ebd65fe7e603fc1df2783bc2afd801c860ac757dc6f099 CVE-2024-8782,0,0,ec0da4baac22ae9eceb8ce2507375e0a71b6a51926de3cc40576bcd259fd7175,2024-09-19T01:46:07.003000 CVE-2024-8783,0,0,b434dfc5f50cf2811a1f5688ac574f745dec48e5af54cf5f568ce8560b0e2702,2024-09-19T01:38:57.033000 CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c943431f,2024-09-19T01:38:35.177000 -CVE-2024-8786,0,0,76e564ac65d5a50b3044629ff82d809b4d486cea166ab2e4fb6f9972a580d321,2024-10-01T09:15:04.300000 +CVE-2024-8786,0,1,98535b365547eb81c56b86d17170e324effeb134cfd99a6f8a9199c7d69b6f51,2024-10-04T13:51:25.567000 CVE-2024-8788,0,0,109bf9bb3aa314390f1c0b3dee4d54ea5d0e02bbb648b956ffff0a9dad06b2f6,2024-10-03T17:25:41.467000 CVE-2024-8791,0,0,fb5b0ac36efac34bc9b2b46a1f471f8bc629f8b19dafbbe4161ffb4834ecffd5,2024-09-26T16:25:34.120000 -CVE-2024-8793,0,0,acf44e3c3be625419fa9a69cf4331a61ce393d1a39a3030b553b223d637c6858,2024-10-01T09:15:04.770000 +CVE-2024-8793,0,1,ffe2baf90ce3b0434374de5ead3cf1bc90903b5bc8546a2154e3b60d234a46f6,2024-10-04T13:51:25.567000 CVE-2024-8794,0,0,71d6f226610d884ee512fa4051f8594e0cafa29b4878c9ac672c3de2ccd4c022,2024-09-26T16:23:46.740000 CVE-2024-8795,0,0,f7b3fc89482c22947a1a26e63d2f04d7dee1f77ad827021897b332709b04072d,2024-09-26T16:46:55.587000 CVE-2024-8796,0,0,3072a1878c469640ca1580f40189a95dca902784c81c016c261f3bdcec04f58c,2024-09-30T14:10:38.937000 CVE-2024-8797,0,0,bc71120ba9c562037001bef5ed49069a2fb96f9263b3c8e2a617e34946a91f4d,2024-09-27T14:02:23.700000 -CVE-2024-8799,0,0,00121647efdfbda1953f2b1e9dcd564fbf00607f157bcfec6188d74e35b1233b,2024-10-01T09:15:05.220000 -CVE-2024-8800,0,0,d956ac136643b04f0243a452c8ccfdf197118d0e853c27476b810517af98011a,2024-10-02T08:15:02.510000 +CVE-2024-8799,0,1,49bc4991911fbbc7a13e2c44ee4f9dfc55de6e57f557c4a1eef47b7946608d58,2024-10-04T13:51:25.567000 +CVE-2024-8800,0,1,7bd4338390d14e376727f7c26a8482ea4cbd4feff5a543b2b8d07c72220e2027,2024-10-04T13:50:43.727000 CVE-2024-8801,0,0,b5bc4f982a594acb6aaf56b2e8a82653b32de0b2ae7bfdf440e37c28bdd34de7,2024-09-30T14:23:46.140000 -CVE-2024-8802,0,0,fa13adca8a22ec6e50f47087a1da6c1e490e962abace9f54c6d7c55cc28a4817,2024-10-04T05:15:11.930000 +CVE-2024-8802,0,1,76f80c911b11bd194713dc01e458b154292723189ec6854b008a19794d0a4a82,2024-10-04T13:50:43.727000 CVE-2024-8803,0,0,1e0c20c4da3042f287bedde6aa980588230b643699023347d741bb81db132ef8,2024-10-02T17:15:12.677000 -CVE-2024-8804,0,0,7c528ca66db5ca77abb50794657dc450a6d4f88358c2365f5ecb81bde5817e53,2024-10-04T06:15:05.353000 +CVE-2024-8804,0,1,c56f7fa4df6b31f31a79ed65a12d28bbcf9e246380d4c5dc4d5fb1070d7ae9b8,2024-10-04T13:50:43.727000 CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000 CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000 CVE-2024-8858,0,0,a55a2b45b2b7a3f3c60e0d8077307a88defc4d63f2b498893a25b1463c90c22f,2024-10-02T18:41:29.067000 @@ -264224,7 +264235,7 @@ CVE-2024-8877,0,0,072c8e486444961bae4945079e8c7eda87a37fe8ff462296a0eff944cb3f18 CVE-2024-8878,0,0,d355a1999baf0c8606d16796b1d3b0e1dca83258ab14464d5a94be439e5488d1,2024-09-30T15:21:31.693000 CVE-2024-8880,0,0,4890b5d8ccfd73a7de9d70be358a6aa9c5c8f4db772389c703fb4d83ffb621f1,2024-09-20T16:41:38.030000 CVE-2024-8883,0,0,d39bf3fdabe814eab7383cf7d0056d70749ac8a21f6ccaada9d165b73ef13b6c,2024-10-01T13:15:03.313000 -CVE-2024-8885,0,0,0da336e48d8fed3d105ca935ca0555e852ee8f847a7fb52241b5e47fe0bb5262,2024-10-02T14:15:05.927000 +CVE-2024-8885,0,1,3d17cd6b07f76e6b7b78ee39290572c27afe08953d025655a317633960052841,2024-10-04T13:50:43.727000 CVE-2024-8887,0,0,0407ca62fcbad308289f29aa7a81815bcc03d59968582f8cfbf5cd23bcc12817,2024-10-01T17:30:07.597000 CVE-2024-8888,0,0,3a815de886bf077ac63d6810f20ea887274d5ca628e3e664db2efb49b96f7c7b,2024-10-01T19:30:35.400000 CVE-2024-8889,0,0,409f189e1cc8763baf41f6d7663087a2138f3ee0ecad616a441fc7d44385c004,2024-09-20T12:30:51.220000 @@ -264260,14 +264271,14 @@ CVE-2024-8956,0,0,67fe3d1874df790c4fe403e5b4da2c61ceb691a22ee76441757b9e4b9f428f CVE-2024-8957,0,0,7754fe7edeaccf469b1d2d0d834f9e662d3691f603f526c2d85ee83a7186072b,2024-10-01T17:49:25.573000 CVE-2024-8963,0,0,67fe8ea90f3163df4929d6782956d377bcadef461d17352cf475deabaa8fd4ad,2024-09-20T16:32:02.563000 CVE-2024-8965,0,0,4ba541e4606533e3a8bee7a33ff07d0a9f7a7b73c53d09de5034be2d80daa7c8,2024-09-30T12:46:20.237000 -CVE-2024-8967,0,0,7776297609e38f6238ec0b6b16a03ab86d44709e6cfab5e185f21104640ed150,2024-10-02T08:15:02.740000 +CVE-2024-8967,0,1,1f8d6363a17be63cea1c528abb4efc0a4ea9ce6878b4a1d19a995b4e289c4b45,2024-10-04T13:50:43.727000 CVE-2024-8969,0,0,98dd6be27cce2c3412495467ecb9257ef6e673bce29c0f376bf0c342ca11f9e9,2024-09-20T12:30:51.220000 CVE-2024-8974,0,0,d4bcc9476e440aef15c3a18c780e18e6939f5911111a1f36c9f70c7d14bcd4bb,2024-09-30T12:46:20.237000 CVE-2024-8975,0,0,e9dab26a838a0dd237537c2cbdba69bbaa5b6602743bc0ca17e054f95d0f2b70,2024-10-01T19:20:21.103000 -CVE-2024-8981,0,0,a6dff398f54eed438863305f0063a0cfe917abfa14511ee9bceae99f41bf945c,2024-10-01T03:15:02.470000 +CVE-2024-8981,0,1,72a5e946545b01f6f5b55bd9be0a66c4964926bf866e85b9f0e826b5c8f5cfe7,2024-10-04T13:51:25.567000 CVE-2024-8986,0,0,072cf1f180fb390d1b4b3d2d50dea4c4259a9c38757ddb70b883e21ef9d81f01,2024-09-20T12:30:17.483000 -CVE-2024-8989,0,0,6ab2546ec964e99a431fecbc3726785c0f1928620ca5ffdda7abd4a623d7c876,2024-10-01T08:15:04.840000 -CVE-2024-8990,0,0,5f3121a9544cb00fa60db849505a5187b12f6013895f285bda1d0b2e597f3595,2024-10-01T08:15:05.060000 +CVE-2024-8989,0,1,caae46233d26ee2b67df93becf3adf518208e6bbacfb542b8b2dd6d9f605994c,2024-10-04T13:51:25.567000 +CVE-2024-8990,0,1,ebe58ed4a084d59384bf44303a373b31562e7163a1320c584d218212811f287c,2024-10-04T13:51:25.567000 CVE-2024-8991,0,0,09885cc5ee50368e772186dae89932abe94e78de6f22233b671ca629cda9542e,2024-09-30T12:46:20.237000 CVE-2024-8996,0,0,b0907780bcace0477557b6ba9bb55a2aefa2e27bdc88e1eb50e40fe332316c17,2024-10-01T19:16:02.793000 CVE-2024-9001,0,0,3414d6649893c69be27afcf1e3dc2327433e2ecaa7ac9013879a0b1b05bf0f03,2024-09-24T16:14:30.190000 @@ -264279,7 +264290,7 @@ CVE-2024-9008,0,0,52622a85f30c63eabac86e540eb777bb56ea4ab0b052ff445cc04b0bad1ec8 CVE-2024-9009,0,0,8ca9aa7668c5d5c77c4f8dc75f965a1fc61562deadeb769eddb6e3d475ae864f,2024-09-25T17:46:59.077000 CVE-2024-9011,0,0,31757df34dd4fee90035c8c1e734eec12ab6ab10926115bc714ff7e9ad5eeaab,2024-09-25T17:48:14.820000 CVE-2024-9014,0,0,a8e29b928e7c02e09a31b50dee33eaa8cea5cb50c9cc022c5089f67468915a88,2024-09-26T13:32:55.343000 -CVE-2024-9018,0,0,7e4cc53232e01438a4fee218a1a2899aac8e0271cd2222ff64914c9456965ad6,2024-10-01T09:15:05.610000 +CVE-2024-9018,0,1,68400f987fd3577f3ea61c03373ac61aa508818a237d39d8a2786c154655bda1,2024-10-04T13:51:25.567000 CVE-2024-9023,0,0,8856d7ffdca739d2c0d1b85fb1ee05faeaf6947167077ac20feaa24f6c509db2,2024-10-01T14:39:38.370000 CVE-2024-9024,0,0,29f2f073ee82aef300cee3fd954ac6dc4243aa67d5082fca2a65737992da04c1,2024-10-02T18:02:59.683000 CVE-2024-9025,0,0,8c34a0621e4e149deefb96042ae2c7c0174789fb7b5db2c9c1ef1c4077be46cb,2024-10-01T13:44:23.667000 @@ -264301,11 +264312,11 @@ CVE-2024-9041,0,0,99f9003688843669abe0778fb23af0702d95d6892437f5bbf3a35f1e206f8b CVE-2024-9043,0,0,585c2a6b7b38dff44f8f31bab3e4cca50893ebff20d4d599fedd4ef31bc82eef,2024-09-25T17:54:05.297000 CVE-2024-9048,0,0,f4eeb8fc17937a04134cb85e4ff1d8e798c7887dad672c6adf3a86ffdd0c5d34,2024-09-30T13:00:48.613000 CVE-2024-9049,0,0,82d816109853a6bb7858af705f595879c6e18b2b65b2b9fb172af3dd7d5e2811,2024-09-30T12:46:20.237000 -CVE-2024-9060,0,0,e35befe0c19e9c59756c7c70c224c449f9b987489f50a3c4c91195a0ebac85a7,2024-10-01T10:15:03.983000 +CVE-2024-9060,0,1,362dff7d92c4f79cdb773c7965db43bbd7eb0923ce5f0445c06b15d2c9fc0e79,2024-10-04T13:51:25.567000 CVE-2024-9063,0,0,df96d256cb802a721004c9ac9223f80a26c192f9136fb3599130ecff1f9d6c94,2024-09-25T01:15:48.670000 CVE-2024-9068,0,0,01b6ceee3583b3b207ab2eeaf4c2684cbe8e9990b1a6178aa8ad730654493f98,2024-10-02T19:55:50.547000 CVE-2024-9069,0,0,904bb0393747d55de1840c322bbad7ae9d27b3e14c3398a0999f4d003e7be886,2024-10-02T19:37:49.777000 -CVE-2024-9071,1,1,957e62c0393f0628f9347c6d61d1bdf135a92652d16fab07ebf75d67cdba8861,2024-10-04T10:15:12.903000 +CVE-2024-9071,0,1,f9ccce463774fc4e139ec7d30a8ab7db7abce266388831263f44fe5606425203,2024-10-04T13:50:43.727000 CVE-2024-9073,0,0,e1a3718934b1c8aa8070be1e5efd6407ed841e421f9f505c84906bd05d8d4d7e,2024-10-02T19:32:43.047000 CVE-2024-9075,0,0,3b33ab99769a9c852230df8e8b6083f862011911d6a5bcadbdc727ad6f83ab66,2024-09-30T15:27:39.313000 CVE-2024-9076,0,0,8c57021a64484b6edbf7ffabe5a971516c1732fccafbf97d4089a67e7015212f,2024-09-27T16:14:04.977000 @@ -264327,13 +264338,13 @@ CVE-2024-9091,0,0,3bfc998290a11bc8fab6cf9f3d600eed6ee69250246e343c9bb59fcaa6e75f CVE-2024-9092,0,0,1c2c646de9ea2ba79bd5c01f3c6adbd97c309ff9880a784404443eb5dc670a7e,2024-09-27T16:23:56.710000 CVE-2024-9093,0,0,9c381a723dcd5a5c3a6becb1e39558bfddcf6d2d39bab32327672c3bb7182479,2024-09-27T16:26:27.163000 CVE-2024-9094,0,0,0e308d006c94a8d09d0a4caea6001ec02d11744a78c5f3fdfc5f94ed1a0ea22c,2024-09-27T15:54:09.463000 -CVE-2024-9100,0,0,fbe247947d5abdf28dd1c0db917e0aead6ce1b77d0e6c741cc499f25429f5341,2024-10-03T15:15:15.553000 -CVE-2024-9106,0,0,b4be78e84ae8affb4a6d454a9d1990e653bbd687f661444a18343032f03a5c6f,2024-10-01T08:15:05.267000 -CVE-2024-9108,0,0,b104d3449df77c856d6774bc902449a0006458d06f65471d2757d674caf86c47,2024-10-01T08:15:05.480000 +CVE-2024-9100,0,1,924a5aba3fc99fbce138eba1426a3a9c3986ee11f31aca57d0fb8c713d5d9b99,2024-10-04T13:50:43.727000 +CVE-2024-9106,0,1,e27db71c396a4ccaf2c72a333395893b81bc19abafa7c4f380f448da576e2d26,2024-10-04T13:51:25.567000 +CVE-2024-9108,0,1,a5bd0d20b10740e2633e894f79cde5eedf60bb1d894cbb8ab0abf2750035a6b9,2024-10-04T13:51:25.567000 CVE-2024-9115,0,0,1c4e70138ee9590ca65c2e328b29e5a87d064a3f49c7286913d14c3952d00fc4,2024-10-01T13:47:25.403000 CVE-2024-9117,0,0,77f0703e7ba19b3d087cb3250573807a507cc3ac6f6e62f26867d41b190dba74,2024-10-01T13:56:55.893000 -CVE-2024-9118,0,0,8b29d58b8acc82ebf618017cf703866196a5db73c681678bf955c8a7d8b1e52c,2024-10-01T10:15:04.230000 -CVE-2024-9119,0,0,73a4506c64bc55136a82fd67049c5f1a65495ab03a2bb02fdd68a84266b1cfd8,2024-10-01T08:15:05.690000 +CVE-2024-9118,0,1,e4b7000599bfd6bcfc27b5841170337689b823abc233b7c4e2b79d17c730d1a4,2024-10-04T13:51:25.567000 +CVE-2024-9119,0,1,6b294b34f6bccab53e92bbf272f3d3ac633c48ae9c06eccaa6b5e71b11d704af,2024-10-04T13:51:25.567000 CVE-2024-9120,0,0,741803f92bc286dd2201245dc8ffb354e00af92f2ccee9f63963d21a0888db6b,2024-09-26T13:32:02.803000 CVE-2024-9121,0,0,eed3fa8b5aa214ac1e28e4851470b90d1a58e721a279141f5883437250a9a8a8,2024-09-26T13:32:02.803000 CVE-2024-9122,0,0,8303a0c1b693e1f9637d76c62abb1e6e7e78f3941c479dc3e2dfaa8a5c17fa42,2024-09-26T13:32:02.803000 @@ -264344,56 +264355,56 @@ CVE-2024-9130,0,0,5bd25b655f8e7a913dbf125185040ed90a768cc24bf73a5555fb1985c6ebc2 CVE-2024-9136,0,0,9b9746749b73403d8dc2b7a33b5935315a467feb0aa3698e70e44d08c2289a1f,2024-10-01T14:28:31.027000 CVE-2024-9141,0,0,1186d93c71ba2b76e7029b0455d3828535e51a6f22b721a65c3963a052cae512,2024-09-26T13:32:02.803000 CVE-2024-9142,0,0,f41ad411b11065ca581c6c09a7cdbabb7231f7d077f84444580389a46c43e76b,2024-09-26T13:32:02.803000 -CVE-2024-9145,0,0,d9eb5f2cbc78c51e04533fd725fd2e5d8d5e90eeafff327ac01ec71d2337b21b,2024-10-01T14:35:05.940000 +CVE-2024-9145,0,1,666aa1000539c0391187e882757d18372cd0bce4cc6b153bd670793f8325f34a,2024-10-04T13:51:25.567000 CVE-2024-9148,0,0,54e87e3f2b6f69d5080b11c080fcfce17264899c6147cd6032f168b6e8923e92,2024-09-30T17:34:12.760000 CVE-2024-9155,0,0,e7852dec1d1a0cf6fb02c65df23cf83432ff26399350f16bb6b49f28f4d3005e,2024-09-30T12:46:20.237000 -CVE-2024-9158,0,0,409612c4b8cb4a3f347d3e6118bf18cfe60f695c2a9fbb2e38a16b5a656c0709,2024-09-30T17:15:05.407000 +CVE-2024-9158,0,1,8b9a36df9ee697b421086e02a79a7c2a666c522ed29ccb8e555bd2863b3d1bdb,2024-10-04T13:51:25.567000 CVE-2024-9160,0,0,dcb08097a2707d90887b21cc5ab80eb6cf86ff84abb571a9a69f82310c298b71,2024-09-30T12:45:57.823000 CVE-2024-9166,0,0,b24f9ebc4650fb7d123f858805d8b1a753ef6a732064f8b14cd979bccf2c240a,2024-09-30T12:46:20.237000 CVE-2024-9169,0,0,3e58e76dfb6d40928d7a81777e9f17fdbdc857f6ee99a9600a6d563079322d8f,2024-09-26T13:32:02.803000 CVE-2024-9171,0,0,af15a4d4f57722dfce9c8f35af79ddfb4512cd4df5a539148a2f7d51c39f2ac2,2024-09-27T17:15:14.437000 -CVE-2024-9172,0,0,199bb1885edbaf3e5cf8cf5bf50588b7a1520bf934b902a33238e0075b79a13b,2024-10-02T08:15:02.960000 +CVE-2024-9172,0,1,034a99897a51af814f0df2d5d72fe86e0f6fbd56311750554470cbdfec5b6edd,2024-10-04T13:50:43.727000 CVE-2024-9173,0,0,35b89a81311ca677fe554b85f50232d9274c2631e7208ee1d074802a8dbdb506,2024-10-01T14:12:41.293000 -CVE-2024-9174,0,0,b84c9c7a9f9cd2234390c1ae1f1de568c65321ae63b8ba2386d7dc05a067988e,2024-10-02T06:15:10.387000 +CVE-2024-9174,0,1,70fba8b83f62f6c4709cde03a07baa90e2b7205b145527e48fd4fbdcbf5b21e3,2024-10-04T13:50:43.727000 CVE-2024-9177,0,0,c4277901c0a37ba57d19438c33c0231133f774b6681a96af5a3a31a338af68ef,2024-10-03T14:32:46.150000 CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb88,2024-10-03T17:26:19.397000 -CVE-2024-9194,0,0,24e26748ef3bff41d7a06efd6c027f138154eafd040f89b986b59a112235298b,2024-10-01T15:35:17.550000 +CVE-2024-9194,0,1,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000 CVE-2024-9198,0,0,f43e7cbf5ad8264654a856d8df5069cea0145a66becd85052219123b3f2b7d6c,2024-10-02T14:33:52.780000 CVE-2024-9199,0,0,0d70434db3b8e5067294d8da03c36e695141f2bf7d8322fbb68a3bc3177abf45,2024-10-02T14:33:54.607000 CVE-2024-9202,0,0,808b8091e3582386849f2f7767feb40805cba585b6581ba135c1d621ab219188,2024-09-30T12:46:20.237000 CVE-2024-9203,0,0,e6eb6874bd83da6550f594261cd60c3d082a0ed5dbc17d4c1b083dd114dee5d8,2024-09-30T12:46:20.237000 -CVE-2024-9204,0,0,9f78e4ce9a8bb12e175499e652fd1a89709adec39e31d43df0da8dd4b0475b9c,2024-10-04T05:15:12.180000 -CVE-2024-9209,0,0,7d3bad6781486e2f4da7df129717b8a491edccf73b369d5a2d34b95179369883,2024-10-01T09:15:06.110000 -CVE-2024-9210,0,0,b5bf3ebd13fe0e23d57c1dda8f23c9e29d98e9d13d1a948e54726130578828c9,2024-10-02T08:15:03.180000 -CVE-2024-9218,0,0,77125ca5d3f1f7f81f6120330b8e477b141483fa32387f60a5f81d7ec93a10fb,2024-10-02T09:15:02.837000 -CVE-2024-9220,0,0,6f67adeba0c71de630c7e77880260d455139ec3e28b2bcf4d37b6c2e1b517adb,2024-10-01T09:15:06.613000 -CVE-2024-9222,0,0,d4d7c4eff68d89a94204b86589393d1943f67be0939ef8964f73a1dbde0c2c63,2024-10-02T08:15:03.380000 -CVE-2024-9224,0,0,daeac54c8a106a2cdf4131c378f84c7cfa1b831c70c575638327c37ab147ad9b,2024-10-01T09:15:07.190000 -CVE-2024-9225,0,0,141d0d35e11a2cd106662fadee1419850af7b64bb767687c4551fb0ce39a77aa,2024-10-02T08:15:03.580000 -CVE-2024-9228,0,0,9405c3cfc45dca66268ec52ff9d3afd2509e4b32bf0c50779cb731b661651911,2024-10-01T09:15:07.750000 -CVE-2024-9237,0,0,8e6e22e1e3f1d7c42a4af8690ec68b6567f1938aac087ae222b58b78114ae60d,2024-10-04T05:15:12.390000 -CVE-2024-9241,0,0,c97fba2c7aa884bcdd52fc5811a712b361d655a1df561d8ca3d939dedb183a39,2024-10-01T09:15:08.287000 -CVE-2024-9242,0,0,e9b47715b8866c0bb06824338df1ab32ffe4086045274b1a5798b8af973e0ccc,2024-10-04T06:15:05.647000 -CVE-2024-9265,0,0,a960537dfc00aa7287cda3b344edaa9968d5f1c511cd23e19840dec685ffedab,2024-10-01T09:15:08.810000 -CVE-2024-9266,0,0,9236ddab7a32ddd3f2f213c68ff62e8764199194dacaa0a345239e73e7878693,2024-10-03T19:15:05.027000 -CVE-2024-9267,0,0,dc0e2a16aa688a38c35f6b9ffae7fc1a73b41beb5eb56dfb80ff17744ee58cdd,2024-10-01T08:15:06.103000 +CVE-2024-9204,0,1,8709d8f31d12084fc2eba23d41169bb9ba345e1a3d3bed7d676463fdbec26c9b,2024-10-04T13:50:43.727000 +CVE-2024-9209,0,1,ad2e9ba46a8b789d7a8b9785fade23a4a5d9f86ea41fce8b0f3faac5112dbbc8,2024-10-04T13:51:25.567000 +CVE-2024-9210,0,1,0d87b122885ffeb5086d09957ff6c721d923789c7bea701de793ea02c19d5b92,2024-10-04T13:50:43.727000 +CVE-2024-9218,0,1,a5f4d5993537e8f3ac852d48ac4c9a547a54d7a91e49aaaff900ba227521827f,2024-10-04T13:50:43.727000 +CVE-2024-9220,0,1,953f2c71877f0e80b743889f5a646e40b459034daae9a5312aa784b222e1c96c,2024-10-04T13:51:25.567000 +CVE-2024-9222,0,1,2a16e61f203d89577759b3079c645bfab646818b88f2af60656391fbb98aa805,2024-10-04T13:50:43.727000 +CVE-2024-9224,0,1,19c943fbe4ef9f918395e13798f2975a696a2944700a4ac5df521afd16356313,2024-10-04T13:51:25.567000 +CVE-2024-9225,0,1,c981bc261f419ba4241598c73e147f852fc298c1784e64c3fc47c09bfa4cac55,2024-10-04T13:50:43.727000 +CVE-2024-9228,0,1,f17dfae7929c318b20be5970be67bde363cc3e2262c065c0b0cce3a6878f5485,2024-10-04T13:51:25.567000 +CVE-2024-9237,0,1,6dd007338b51674bd9fefd8518a997a164b381519066f168810e8e196c9bbc64,2024-10-04T13:50:43.727000 +CVE-2024-9241,0,1,b2e27eae81776716d2865d422481487e6c47f4483d9c04691f62f7f57be3dba3,2024-10-04T13:51:25.567000 +CVE-2024-9242,0,1,a9c44b4c9508f7017de498ffe453e49c7dc8184d2c772872f479c4093c97dfd4,2024-10-04T13:50:43.727000 +CVE-2024-9265,0,1,1da2407dd40013b851a84c2d1f4373b90720cb2b0e698051fc55832611406d70,2024-10-04T13:51:25.567000 +CVE-2024-9266,0,1,9897e7bd01e8f0fea686bbe0969277eb0e59373ffc16090ed1770b5ca7125283,2024-10-04T13:50:43.727000 +CVE-2024-9267,0,1,e1783d6d7b8ba5585243c45fe350fa65068fd1659c19369f548dec592743f878,2024-10-04T13:51:25.567000 CVE-2024-9268,0,0,7e7771d589d5219f5f8e1d4b856d8a4ecc833e195b34661fddc76da01954ef5a,2024-09-27T17:15:14.497000 -CVE-2024-9269,0,0,17a005cc0d3d32766c2354e4e21cb5a6af989b17ac72800bc0de449fb0f65c28,2024-10-01T08:15:06.313000 -CVE-2024-9271,1,1,2ea88abcbf961aaa15b521ad34b35dc9cddcc77bca5e08580f9b2be138919aef,2024-10-04T10:15:13.873000 -CVE-2024-9272,0,0,3bcc3e0378e59bc6d6daede197b60eb874d387818f18424bcf6330089754e28e,2024-10-01T08:15:06.510000 +CVE-2024-9269,0,1,89e3d14dbb396872dee171ef3aa7d49f480ae977e81c830f9aba067690d7384e,2024-10-04T13:51:25.567000 +CVE-2024-9271,0,1,f3c202c0ad500e792ae6ebdab959c950d5bc6954e7743984e8f43b766b6f4279,2024-10-04T13:50:43.727000 +CVE-2024-9272,0,1,a24b66874e7208e8487d25208cbebeb411ca8d85bf3090e22e1f2bb545069376,2024-10-04T13:51:25.567000 CVE-2024-9273,0,0,d541667891e816199f828382e531f52a986321fd7f85b5856a4bc94c161620a8,2024-09-27T17:15:14.550000 -CVE-2024-9274,0,0,cc5814507328948ef506c997bdd3cfe686c60b8346a4520f66a47bfd431a0fe5,2024-10-01T08:15:06.723000 +CVE-2024-9274,0,1,2037630015d7981ca2f17f5b5ebd5ed888a888a70c321160893203ffe30592cc,2024-10-04T13:51:25.567000 CVE-2024-9275,0,0,2d363e7e722e63cd2661e2a98149b3adb868d16d23141b985f0c74f5c5c9c2f4,2024-09-30T12:45:57.823000 CVE-2024-9276,0,0,f734c634e0a6a6bec2ec58d8e7062cd3473bc99a18d0bd4e8d6373e8c6062747,2024-09-30T12:45:57.823000 CVE-2024-9277,0,0,f1e655f47eee936d686b54fb8b9515ecc545b62a1b1d9dc4ecb649b1a6422fb1,2024-09-30T12:45:57.823000 CVE-2024-9278,0,0,c98fcdf08646aa34f8340bebd0cc0bb33c3ae12e8654eff8d2a257bd74e720e1,2024-09-30T12:45:57.823000 -CVE-2024-9279,0,0,120a04e58ff2856b1c90656215ddc756b7c903dbeb054250ac7ba7fa5bad9d2a,2024-09-30T12:45:57.823000 +CVE-2024-9279,0,1,7995dae8d80d9aceb8f8f1a0c26fe2c24fd69dabb9ce47d89a8ec7eebd2ce251,2024-10-04T13:31:36 CVE-2024-9280,0,0,154585c0a1da4b9e6aecc43fd773bb8a235f7dbe7152a130bce56aa888f62393,2024-09-30T12:45:57.823000 CVE-2024-9281,0,0,c535ba93d476c27150ada599110947211096684c7f9bbe8d00abfb427ea61a29,2024-09-30T12:45:57.823000 CVE-2024-9282,0,0,28da861d055c9625e1f872cd5351aaa1e1bfe131c026ad30a30cf3906bc154e7,2024-09-30T12:45:57.823000 CVE-2024-9283,0,0,a5233c3b589826e3e09dfcafb866e56b060b301af37e2de0e699930a9008fdfe,2024-09-30T12:45:57.823000 CVE-2024-9284,0,0,e077aa9b3331db7cd8049b8d7f3273d870b80909d1916943a385cf9659e49d1c,2024-09-30T12:45:57.823000 -CVE-2024-9289,0,0,9a18d10b50df0542020b3ea9201bf2da84a3ee57b57cb75c6300bcc0e9d312da,2024-10-01T09:15:09.320000 +CVE-2024-9289,0,1,737b187281ff60fe655db4688d814fd7c3a3cea0d3f36e85e65e41d1186eb89d,2024-10-04T13:51:25.567000 CVE-2024-9291,0,0,b88fea8223aa63c1df245ec34d5a9ae6249acdcbf799f14cbc2ab52d8c1fa2a6,2024-09-30T12:45:57.823000 CVE-2024-9293,0,0,cfc68c60c376b348e2db1dfc60e29304979c6f29bbb8e9627dd9fb163636b5c5,2024-09-30T12:45:57.823000 CVE-2024-9294,0,0,df4e8ca812056069ce686ccc519c918f454c6a35b9074b986ab12abfbd42a42d,2024-09-30T12:45:57.823000 @@ -264404,9 +264415,9 @@ CVE-2024-9298,0,0,e179dc30316d3f51823976ae1e224e806200bc4ae331001c4ddb8b975ec606 CVE-2024-9299,0,0,0e06149ad72b9bceed8023fce5d46e4c2d87e230ca1e26b3a70118742de53dd5,2024-10-01T13:36:06.977000 CVE-2024-9300,0,0,8cf4fd8be1a68079d9b09593a267df47fb69eec7140ede32d9eeb623680961c8,2024-10-01T13:34:58.760000 CVE-2024-9301,0,0,73ba33e42a5a66e63775d86ddfdf57e7a04bcd9ceda925406fc4894f153c084a,2024-09-30T12:45:57.823000 -CVE-2024-9304,0,0,77296627b4e73471315e7e445cf2a4183f5c2120111f84509ea16b607bc5907e,2024-10-01T08:15:06.943000 -CVE-2024-9306,0,0,4ca35b197e1e8441ae7b54d80e40679c30ed3e0a26a5e3ec8e56c166d1689ce9,2024-10-04T07:15:03.550000 -CVE-2024-9313,0,0,533b0d999ec7273986b8e84d0a0b2d019578bc94f6735184fe1b7224c917a32a,2024-10-03T11:15:13.940000 +CVE-2024-9304,0,1,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000 +CVE-2024-9306,0,1,c8859ae4f31fd9a0006087320a8c378196469fd682a39c8fee84f5eee69b53c2,2024-10-04T13:50:43.727000 +CVE-2024-9313,0,1,8eab8e6a12fcb7dddda62f8c34fd34d547229d6ef4cec2e38f61189642da0e5f,2024-10-04T13:50:43.727000 CVE-2024-9315,0,0,dcae3590349756096f3149f913fcd278d961f7a38fe3ece525d39bf3aa5da14a,2024-10-01T13:33:59.480000 CVE-2024-9316,0,0,dc1cd9e0c0f14c1ac859a7efc8a45f5e2b48ab85717e9999593b73d7873483e5,2024-10-02T13:29:29.813000 CVE-2024-9317,0,0,f67b854cd75d25217a31bdd6074d6f9f6352c2218386ab264e509a61a09e8c0d,2024-10-01T13:32:39.140000 @@ -264422,42 +264433,47 @@ CVE-2024-9326,0,0,ac353111de081e75045512f212a47527fdd858d5e54a48eba79a4b87a1838d CVE-2024-9327,0,0,9bb62fae114b1c29588ad2672d640859a17a9f3af7375a799fc34e218e9d39c9,2024-10-02T12:57:17.787000 CVE-2024-9328,0,0,a5f7378f6f2f1cd502f7cde1b5f6090c2d79ebec3e3af2aa2eaafb1f04d0c325,2024-10-01T11:34:57.773000 CVE-2024-9329,0,0,98bed362b2a24e4db4311c4ce14eee7b5d7d3a2b87c87f5c94a31ac7bc8ac4f5,2024-09-30T12:45:57.823000 -CVE-2024-9333,0,0,3a8b8751894004acbe0040a54680e8b99075c8756a62d62c518a0edb7a9ddf75,2024-10-02T06:15:11.113000 -CVE-2024-9341,0,0,d5fd607e07f2946dcf80c0714f2f83eb8231c34e7bb32f10864cd8428533f0a9,2024-10-01T19:15:09.500000 -CVE-2024-9344,0,0,32aab7c62363bb5e8b74c4e4a828c4e6e171f449ac6c37ef316871cdf05e101c,2024-10-02T09:15:03.570000 -CVE-2024-9345,0,0,2e8af666d6c5df17d4424776fd4016ddea5d78a1b447798bc53fa75df840e21d,2024-10-04T05:15:12.607000 -CVE-2024-9349,0,0,1f3c02de0fb0bb4c91966ffa114e34548bc24053bbe2cc51e34b17541bec6de4,2024-10-04T05:15:12.820000 -CVE-2024-9353,0,0,e47821e79d15855a413505880e7295d75192b7757196e53442e952fb2bd7d08d,2024-10-04T05:15:13.037000 -CVE-2024-9355,0,0,3e3c8f3f8e7ed29b00e92413e5234e08087b4d88f7dc05294ac817c99bd601d8,2024-10-03T01:15:12.127000 -CVE-2024-9358,0,0,0152cc075779a766d901f87385961645ed224130afe67fa457b1ec2b8de41536,2024-10-01T02:15:10.340000 -CVE-2024-9359,0,0,5e91a64536057dea096939e15114b5b156ad006dfcccaeb6e7ef261c97c1ddd2,2024-10-01T02:15:10.657000 -CVE-2024-9360,0,0,bc1b1d81b39a5da5efaa713a48768241d5b68973f72008d946c08564d584aa3a,2024-10-01T03:15:02.690000 -CVE-2024-9368,0,0,f79d0951e2a13d2f65f159b2de4aa22d6953e51d5e3b86e5da1c2b718c7cf2d8,2024-10-04T05:15:13.240000 -CVE-2024-9372,0,0,7161550f53833c9833a1d8cf5acd6c6860159a7cf90fd93d5f059f988f5e22fd,2024-10-04T05:15:13.440000 -CVE-2024-9375,0,0,7992c2b7f6debe87cf58ada11289e3227335df9483b26aea6fcee2160cd37c68,2024-10-04T05:15:13.630000 -CVE-2024-9378,0,0,625bda20be6d01a82e3797535fa08f28bfd8bc3a2a03303024fa88544f391e86,2024-10-02T09:15:04.257000 -CVE-2024-9384,0,0,27b272bb47d58d7b2ab78d202eabde91f25eaf0ef1f7c4705dd0e06ea8b2b59b,2024-10-04T05:15:13.837000 -CVE-2024-9391,0,0,4c41432718e7451dc470a85181cb09fb2bd64b781f5907911b14b935baeaf954,2024-10-01T16:15:10.510000 -CVE-2024-9392,0,0,407207e9e6bd2b7ba92ed54ef3a4a35aab092bf9644ceeea6fbb3985d013ec81,2024-10-01T19:35:08.990000 -CVE-2024-9393,0,0,7475863af582d7682a6cb667413720d8e8e419cf18be5c21c0a8d554e15e8e48,2024-10-01T16:15:10.623000 -CVE-2024-9394,0,0,94ac2f796a28a48fb8529db6d17f57bb7aa19d5460b4224a06e050de703c7467,2024-10-01T16:15:10.683000 -CVE-2024-9395,0,0,146f3b6c203b667b0708a9cd79c0e427dcadd8287fbd519c028fdd750b54ddc2,2024-10-01T16:15:10.740000 -CVE-2024-9396,0,0,30f872d95bfbe66505283ad3346d27217f937a94e7cff3447a4a7706017b7395,2024-10-01T20:35:19.027000 -CVE-2024-9397,0,0,0e6dc018e27e106f8465f46982df3d3806f8eaa1705916a22bae5ef9542138bc,2024-10-01T16:15:10.847000 -CVE-2024-9398,0,0,cbf6d5eea6bb52c18b5f761a5bd1d0e77b201a1de5510ad862b43de95ab8a99e,2024-10-01T16:15:10.913000 -CVE-2024-9399,0,0,7831716ae62b7b01e34c5c67a387b7643b5b679c0690629c11f4db300e7b381a,2024-10-01T16:15:10.980000 -CVE-2024-9400,0,0,cc4fb93e00abf7802426c11e025b2c7a4c7347dd968ff958c1332299ebead6de,2024-10-01T19:35:10.277000 -CVE-2024-9401,0,0,ccf23971d5a906be4b8d96e3aa94ed0071c57600834a3074e4d71320bf7c6562,2024-10-01T18:35:10.363000 -CVE-2024-9402,0,0,9433d310ea442611994bb49cae76b6abe099452fd68462d2a25ab8d64b3a2459,2024-10-01T19:35:11.270000 -CVE-2024-9403,0,0,66d9e463986ac67ad9bceb6cae4045b10ea740cc9a13552aa6348c37ab2ae35e,2024-10-01T19:35:12.057000 -CVE-2024-9405,0,0,e9703465f499653ca07470a1ffd16e91f994c6f46933e9f402589910617b650e,2024-10-01T12:15:03.893000 -CVE-2024-9407,0,0,844e60b42bd22ac882920576f0244b4221aa1cb4e0aeb01caf7aa58317c74c32,2024-10-01T21:15:08.530000 -CVE-2024-9411,0,0,0ed7229fadcaa0ba2be6aae3ed0a903fea8ee7057f413ca8d29b7080b09aae26,2024-10-01T21:35:07.620000 -CVE-2024-9421,0,0,113e7be703208961a4797379eec546ebda83429cccc93934d64732f5dbb32085,2024-10-04T05:15:14.030000 -CVE-2024-9423,0,0,c94940e86c4d0857c214a72b7785993b36e482d8dc6d4d5d12ed70a35b4f0f3b,2024-10-02T16:15:11.250000 -CVE-2024-9429,0,0,db0d8ee6274f5889e645bc8f06bc2c127c429edd7f6e0ee6aa8f7a2649e83d4c,2024-10-02T13:15:12.617000 -CVE-2024-9435,0,0,3547393000ed8dce8618b05e9dca518261bffd0df796ca17f2125743b1b7dc37,2024-10-04T07:15:03.857000 -CVE-2024-9440,0,0,a014a1e56d1851c7e48b58fd953e33ac08c51de3cb3a714389caa1ff00e4d989,2024-10-02T19:15:15.880000 -CVE-2024-9441,0,0,384255352f00f9a9db206fa87755d8414cb6b20054a48cca8134e02f7821516e,2024-10-02T19:15:16.100000 -CVE-2024-9445,0,0,fabfc564c6ed891571f4b9f8b25796aae5fe877150de0eb458cd1c36e31c1f17,2024-10-04T05:15:14.230000 -CVE-2024-9460,0,0,c45527c9aa3bef2caa2988896eb5117783d1d1826b53f204f2918ba4014e6cae,2024-10-03T15:15:15.750000 +CVE-2024-9333,0,1,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f06,2024-10-04T13:50:43.727000 +CVE-2024-9341,0,1,6f06f8dbcaa27a536f49e7e7f0e59eeeae4e39f281abffa47a8e4056674c26ad,2024-10-04T13:51:25.567000 +CVE-2024-9344,0,1,c8b7b78d2c8550e1f7ac90ab31d3ccd451ea906d2e1b378b917a05c8f6be0088,2024-10-04T13:50:43.727000 +CVE-2024-9345,0,1,f92a961dbc4f0c8ba79f679ac584baeb5523dd310ce30414d422a425c8fd1782,2024-10-04T13:50:43.727000 +CVE-2024-9349,0,1,d93ebf21205a68549107b9eb4027ef2497abf7f2b80843c1be13a041c232bc94,2024-10-04T13:50:43.727000 +CVE-2024-9353,0,1,b924aba767123c53d0fe02fb416cc00784b5397574d1ca21e990936e9a08f0ad,2024-10-04T13:50:43.727000 +CVE-2024-9355,0,1,2335659835f921193e44d10d2f6efb8c86e6209b896584e38b7b031dda2058dd,2024-10-04T13:51:25.567000 +CVE-2024-9358,0,1,ad1311c8435fb7ce092ff9c8b7c1abe83209465bc92e72b7b733a8ea9fa4bf3c,2024-10-04T13:51:25.567000 +CVE-2024-9359,0,1,8f6423d3d4fd1df746bc648891fd37fb4a7a89f93d88aa345903f56539591dac,2024-10-04T13:51:25.567000 +CVE-2024-9360,0,1,58e37ff1d4358444726952edea15b81761fbf4fd305110d92e1780bd8905eb9e,2024-10-04T13:51:25.567000 +CVE-2024-9368,0,1,e7a9c605e0cbf9cdb1d319aa8ea22e93a6f5e80855432922ca5e53112d3a4bc4,2024-10-04T13:50:43.727000 +CVE-2024-9372,0,1,10044aa8051896e85376f9c9a7c998e54b899918a5f49add6f2a59ddb1044af6,2024-10-04T13:50:43.727000 +CVE-2024-9375,0,1,a9c3ca594e219c636214fd2ce314e67161e6c9af25ea164279fc4bb791df9806,2024-10-04T13:50:43.727000 +CVE-2024-9378,0,1,7a8325e6b9b9ab5f87224c3f7949059cac46c7e9016e933e1570af8b9833e04e,2024-10-04T13:50:43.727000 +CVE-2024-9384,0,1,4f253b4f2066223670f6dee57b053f19faa6b05364caf5542c3a801535a8dd5a,2024-10-04T13:50:43.727000 +CVE-2024-9391,0,1,7d6eba489d698d80c25274418cf61f043b91561cc903d053b7833bff789db601,2024-10-04T13:51:25.567000 +CVE-2024-9392,0,1,beca44e590b21e5502ca4e733f60749ac893cd13053addd71013500d8f613300,2024-10-04T13:51:25.567000 +CVE-2024-9393,0,1,96bdaf874ad6083dd8fd8845ba7fe8bf267c5ff001eb7dd6e7d50847bf69aa1b,2024-10-04T13:51:25.567000 +CVE-2024-9394,0,1,abf905f829b1270d45e9e349529018bdeb4545fef0f1ac86af340f1152f05e61,2024-10-04T13:51:25.567000 +CVE-2024-9395,0,1,5635514233d9ffee7876b8b2143dfc7636f2a12f95a3e319a76e442d8673b9b2,2024-10-04T13:51:25.567000 +CVE-2024-9396,0,1,530fd74976554bcd60385c13cda51e8c090f8d2168af9c130173451c01d15309,2024-10-04T13:51:25.567000 +CVE-2024-9397,0,1,4ea6dbe3defa98c7ced4d09635f5b4a9f4e6ecf14f272d06fff83c80c707d7fa,2024-10-04T13:51:25.567000 +CVE-2024-9398,0,1,308913ab326bd85d98d2cbd001881e158ce455820e0f8abcad23a80f40863255,2024-10-04T13:51:25.567000 +CVE-2024-9399,0,1,a8306eeaf5f6d420fcd1d35299a7796a21f85097b65705c4ac2794bceab9b67e,2024-10-04T13:51:25.567000 +CVE-2024-9400,0,1,a07b092a7377838a4bb1e87b4e3b2f09cba515c42895dfa1fbf9dfd7eae19700,2024-10-04T13:51:25.567000 +CVE-2024-9401,0,1,9842edf4bc941b30860cfd929934eb8ba10b8d9f58d891f69f78bdfbf96f468c,2024-10-04T13:51:25.567000 +CVE-2024-9402,0,1,04bb4c5739f014caa4b772ec804b7222edbe186c7bb2fe331673658400879b23,2024-10-04T13:51:25.567000 +CVE-2024-9403,0,1,c1afe1062aca6f3e2bbfc345cdb3697cf0c5243163e1e418a6944c658c5bb841,2024-10-04T13:51:25.567000 +CVE-2024-9405,0,1,5a1aaacdf03c4deeb5787d411c40d8ad3aed60be9320ac0ab9cd4983368bffee,2024-10-04T13:51:25.567000 +CVE-2024-9407,0,1,c86f90b2fe6be22dec486d34b9c6e67b91a5945de93bcc27372041ed6a426800,2024-10-04T13:50:43.727000 +CVE-2024-9411,0,1,09446adc9a52ba88acfc951352e9088b24cfd1cdb8a001643ee070875c43ffef,2024-10-04T13:51:25.567000 +CVE-2024-9421,0,1,9a8bea0e59d0ab668a3cbf6b96506990581414c04a5ce69b672a275a746007d3,2024-10-04T13:50:43.727000 +CVE-2024-9423,0,1,080f0a87d4561f3316974a1b5473f0b3836e39e629c6273c7813cc62b41d4a31,2024-10-04T13:50:43.727000 +CVE-2024-9429,0,1,592d43b27195b972d7813524b33408fe322b92c7bc3230cbbdb100a79ac0eaa8,2024-10-04T13:50:43.727000 +CVE-2024-9435,0,1,dd30383dc280040df042a11097fa6cc76ccaa80c55710936c096ba1dc41cada4,2024-10-04T13:50:43.727000 +CVE-2024-9440,0,1,843a4b0691140c8544f03abfab0d72b48e96752c7147156cb98041d58d09b93a,2024-10-04T13:50:43.727000 +CVE-2024-9441,0,1,1eef796e7a879df6819e9c253093e433508e2bb2fbba7042830a70bc7a4951a7,2024-10-04T13:50:43.727000 +CVE-2024-9445,0,1,0c93ce7f42df628ab9963b0c4991253722d7526551714beaaf6a06be3b0d53b0,2024-10-04T13:50:43.727000 +CVE-2024-9460,0,1,b1e465c88eb90ead630b69c31ba7996284434b6d6cb7ca81e044245f760d2699,2024-10-04T13:50:43.727000 +CVE-2024-9481,1,1,d47799c935f3894a1eb77a57851e2857614dcde60b18ca54bd2e7df5819c5f83,2024-10-04T13:50:43.727000 +CVE-2024-9482,1,1,f3165a4a24a2f9114d882c0f7f29d9fd657c327243b8585b7ba3adb352065c7e,2024-10-04T13:50:43.727000 +CVE-2024-9483,1,1,3a05dd369a56fa7d8019ce26b0a40ec5faf2156ca92b0ceaf0493b163c999d00,2024-10-04T13:50:43.727000 +CVE-2024-9484,1,1,09a6a45178e5434bfb1cb0415a67ebc11284aea03e94bd83c401b848478b5c91,2024-10-04T13:50:43.727000 +CVE-2024-9513,1,1,10f22e26d94cea8688c054ad49deba44171c8b07bc6c0d1de3fa45dd9ff56e5a,2024-10-04T13:50:43.727000