Auto-Update: 2024-02-20T21:00:31.389455+00:00

CVE-2020/CVE-2020-367xx/CVE-2020-36774.json

@@ -2,12 +2,16 @@
   "id": "CVE-2020-36774",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-19T02:15:47.690",
-  "lastModified": "2024-02-19T02:15:47.690",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash)."
+    },
+    {
+      "lang": "es",
+      "value": "plugins/gtk+/glade-gtk-box.c en GNOME Glade anterior a 3.38.1 y 3.39.x anterior a 3.40.0 maneja mal la reconstrucci\u00f3n de widgets para GladeGtkBox, lo que provoca una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n)."
     }
   ],
   "metrics": {},

CVE-2022/CVE-2022-417xx/CVE-2022-41737.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-41737",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2024-02-17T17:15:07.577",
-  "lastModified": "2024-02-17T17:15:07.577",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace.  IBM X-Force ID:  237811."
+    },
+    {
+      "lang": "es",
+      "value": "IBM Storage Scale Container Native Storage Access 5.1.2.1 a 5.1.7.0 podr\u00eda permitir a un atacante local iniciar conexiones desde un contenedor fuera del espacio de nombres actual. ID de IBM X-Force: 237811."
     }
   ],
   "metrics": {

CVE-2022/CVE-2022-417xx/CVE-2022-41738.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-41738",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2024-02-17T17:15:07.790",
-  "lastModified": "2024-02-17T17:15:07.790",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks.  IBM X-Force ID:  237812."
+    },
+    {
+      "lang": "es",
+      "value": "IBM Storage Scale Container Native Storage Access 5.1.2.1 hasta 5.1.7.0 podr\u00eda permitir a un atacante iniciar conexiones a contenedores desde redes externas. ID de IBM X-Force: 237812."
     }
   ],
   "metrics": {

CVE-2022/CVE-2022-424xx/CVE-2022-42443.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-42443",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2024-02-17T17:15:07.973",
-  "lastModified": "2024-02-17T17:15:07.973",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "An undisclosed issue in Trusteer iOS SDK for mobile versions prior to 5.7 and Trusteer Android SDK for mobile versions prior to 5.7 may allow uploading of files.  IBM X-Force ID:  238535."
+    },
+    {
+      "lang": "es",
+      "value": "Un problema no revelado en Trusteer iOS SDK para versiones m\u00f3viles anteriores a 5.7 y Trusteer Android SDK para versiones m\u00f3viles anteriores a 5.7 puede permitir la carga de archivos. ID de IBM X-Force: 238535."
     }
   ],
   "metrics": {

CVE-2022/CVE-2022-453xx/CVE-2022-45320.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-45320",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-20T05:15:07.613",
-  "lastModified": "2024-02-20T05:15:07.613",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page."
+    },
+    {
+      "lang": "es",
+      "value": "Liferay Portal anterior a 7.4.3.16 y Liferay DXP anterior a 7.2 fixpack 19, 7.3 anterior a la actualizaci\u00f3n 6 y 7.4 anterior a la actualizaci\u00f3n 16 permiten a los usuarios autenticados remotamente convertirse en propietarios de una p\u00e1gina wiki editando la p\u00e1gina wiki."
     }
   ],
   "metrics": {},

CVE-2022/CVE-2022-486xx/CVE-2022-48621.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-48621",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T07:15:07.700",
-  "lastModified": "2024-02-18T07:15:07.700",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de falta de autenticaci\u00f3n para funciones cr\u00edticas en el m\u00f3dulo Wi-Fi. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2022/CVE-2022-486xx/CVE-2022-48624.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-48624",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-19T01:15:48.643",
-  "lastModified": "2024-02-19T01:15:48.643",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE."
+    },
+    {
+      "lang": "es",
+      "value": "close_altfile en filename.c en less antes de 606 omite las llamadas shell_quote para LESSCLOSE."
     }
   ],
   "metrics": {},

CVE-2022/CVE-2022-486xx/CVE-2022-48625.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-48625",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-20T00:15:14.393",
-  "lastModified": "2024-02-20T00:15:14.393",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary."
+    },
+    {
+      "lang": "es",
+      "value": "Yealink Config Encrypt Tool agrega RSA anterior a 1.2 tiene un par de claves RSA incorporado y, por lo tanto, existe el riesgo de que un adversario lo descifre."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-218xx/CVE-2023-21833.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-21833",
   "sourceIdentifier": "secalert_us@oracle.com",
   "published": "2024-02-17T02:15:45.170",
-  "lastModified": "2024-02-17T02:15:45.170",
+  "lastModified": "2024-02-20T19:51:05.510",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Object Store).   The supported version that is affected is 8.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle ZFS Storage Appliance Kit accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad en el producto Oracle ZFS Storage Appliance Kit de Oracle Systems (componente: Object Store). La versi\u00f3n compatible que se ve afectada es la 8.8. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante con pocos privilegios y acceso a la red a trav\u00e9s de HTTP comprometer el kit de dispositivos de almacenamiento Oracle ZFS. Los ataques exitosos de esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles del Oracle ZFS Storage Appliance Kit. CVSS 3.1 Puntaje base 4.3 (Impactos en la confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-317xx/CVE-2023-31728.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-31728",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-17T04:15:07.503",
-  "lastModified": "2024-02-17T04:15:07.503",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface."
+    },
+    {
+      "lang": "es",
+      "value": "Los dispositivos Teltonika RUT240 con firmware anterior a 07.04.2, cuando se utiliza el modo puente, a veces hacen que los servicios SSH y HTTP est\u00e9n disponibles en la interfaz WAN IPv6 aunque la interfaz de usuario muestre que solo est\u00e1n disponibles en la interfaz LAN."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-385xx/CVE-2023-38562.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-38562",
   "sourceIdentifier": "talos-cna@cisco.com",
   "published": "2024-02-20T15:15:08.020",
-  "lastModified": "2024-02-20T18:15:49.790",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-395xx/CVE-2023-39540.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-39540",
   "sourceIdentifier": "talos-cna@cisco.com",
   "published": "2024-02-20T15:15:08.323",
-  "lastModified": "2024-02-20T18:15:49.890",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-395xx/CVE-2023-39541.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-39541",
   "sourceIdentifier": "talos-cna@cisco.com",
   "published": "2024-02-20T15:15:08.533",
-  "lastModified": "2024-02-20T18:15:49.973",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-400xx/CVE-2023-40057.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-40057",
   "sourceIdentifier": "psirt@solarwinds.com",
   "published": "2024-02-15T21:15:08.247",
-  "lastModified": "2024-02-16T13:38:00.047",
+  "lastModified": "2024-02-20T20:39:34.817",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
@@ -50,10 +50,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2023.2.2",
+              "matchCriteriaId": "C1D2B6ED-102D-4654-B95B-73E06277861B"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40057",
-      "source": "psirt@solarwinds.com"
+      "source": "psirt@solarwinds.com",
+      "tags": [
+        "Patch",
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-427xx/CVE-2023-42791.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-42791",
   "sourceIdentifier": "psirt@fortinet.com",
   "published": "2024-02-20T14:15:08.030",
-  "lastModified": "2024-02-20T14:15:08.030",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-443xx/CVE-2023-44308.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44308",
   "sourceIdentifier": "security@liferay.com",
   "published": "2024-02-20T07:15:08.033",
-  "lastModified": "2024-02-20T07:15:08.033",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patch 6, and 7.4 GA through update 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect parameter."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de redireccionamiento abierto en la p\u00e1gina de administraci\u00f3n de medios adaptables en Liferay DXP 2023.Q3 antes del parche 6 y 7.4 GA hasta la actualizaci\u00f3n 92 permite a atacantes remotos redirigir a los usuarios a URL externas arbitrarias a trav\u00e9s del par\u00e1metro _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-453xx/CVE-2023-45318.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-45318",
   "sourceIdentifier": "talos-cna@cisco.com",
   "published": "2024-02-20T15:15:08.727",
-  "lastModified": "2024-02-20T18:15:50.060",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-455xx/CVE-2023-45581.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-45581",
   "sourceIdentifier": "psirt@fortinet.com",
   "published": "2024-02-15T14:15:45.033",
-  "lastModified": "2024-02-15T14:28:20.067",
+  "lastModified": "2024-02-20T20:54:47.437",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an\u00a0Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada [CWE-269] en Fortinet FortiClientEMS versi\u00f3n 7.2.0 a 7.2.2 y anteriores a 7.0.10 permite a un administrador del sitio con privilegios de superadministrador realizar operaciones administrativas globales que afectan a otros sitios a trav\u00e9s de solicitudes HTTP o HTTPS manipuladas."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      },
       {
         "source": "psirt@fortinet.com",
         "type": "Secondary",
@@ -36,8 +60,18 @@
   },
   "weaknesses": [
     {
-      "source": "psirt@fortinet.com",
+      "source": "nvd@nist.gov",
       "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    },
+    {
+      "source": "psirt@fortinet.com",
+      "type": "Secondary",
       "description": [
         {
           "lang": "en",
@@ -46,10 +80,38 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "7.0.10",
+              "matchCriteriaId": "17D081E7-E4F0-4E0F-BEBF-BF3AD0641861"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "7.2.0",
+              "versionEndIncluding": "7.2.2",
+              "matchCriteriaId": "3C4BC53A-0E69-4CDE-B89A-E6AAC3ADB1E0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://fortiguard.com/psirt/FG-IR-23-357",
-      "source": "psirt@fortinet.com"
+      "source": "psirt@fortinet.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-459xx/CVE-2023-45918.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-45918",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-02-16T22:15:07.880",
-  "lastModified": "2024-02-16T22:15:07.880",
+  "lastModified": "2024-02-20T19:51:05.510",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c."
+    },
+    {
+      "lang": "es",
+      "value": "ncurses 6.4-20230610 tiene una desreferencia de puntero NULL en tgetstr en tinfo/lib_termcap.c."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-476xx/CVE-2023-47635.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-47635",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2024-02-20T18:15:50.147",
-  "lastModified": "2024-02-20T18:15:50.147",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-482xx/CVE-2023-48220.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-48220",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2024-02-20T18:15:50.350",
-  "lastModified": "2024-02-20T18:15:50.350",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-491xx/CVE-2023-49109.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-49109",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-02-20T10:15:07.927",
-  "lastModified": "2024-02-20T13:15:07.877",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-492xx/CVE-2023-49250.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-49250",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-02-20T10:15:08.040",
-  "lastModified": "2024-02-20T13:15:07.953",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-502xx/CVE-2023-50257.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-50257",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2024-02-19T20:15:45.310",
-  "lastModified": "2024-02-19T20:15:45.310",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (`p[UD]`) and `guid` values used to disconnect between nodes are not encrypted, a vulnerability has been discovered where a malicious attacker can forcibly disconnect a Subscriber and can deny a Subscriber attempting to connect. Afterwards, if the attacker sends the packet for disconnecting, which is data (`p[UD]`), to the Global Data Space (`239.255.0.1:7400`) using the said Publisher ID, all the Subscribers (Listeners) connected to the Publisher (Talker) will not receive any data and their connection will be disconnected. Moreover, if this disconnection packet is sent continuously, the Subscribers (Listeners) trying to connect will not be able to do so. Since the initial commit of the `SecurityManager.cpp` code (`init`, `on_process_handshake`) on Nov 8, 2016, the Disconnect Vulnerability in RTPS Packets Used by SROS2 has been present prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7."
+    },
+    {
+      "lang": "es",
+      "value": "eProsima Fast DDS (anteriormente Fast RTPS) es una implementaci\u00f3n en C++ del est\u00e1ndar del Servicio de distribuci\u00f3n de datos del Object Management Group. Incluso con la aplicaci\u00f3n de SROS2, debido al problema donde los datos (`p[UD]`) y los valores `guid` utilizados para desconectar entre nodos no est\u00e1n cifrados, se ha descubierto una vulnerabilidad en la que un atacante malintencionado puede desconectar por la fuerza a un suscriptor y puede negarle a un suscriptor que intente conectarse. Posteriormente, si el atacante env\u00eda el paquete para desconectarse, que son datos (`p[UD]`), al Espacio de Datos Global (`239.255.0.1:7400`) usando dicho ID de Editor, todos los Suscriptores (Oyentes) conectados al Publicador (Hablador) no recibir\u00e1 ning\u00fan dato y su conexi\u00f3n se desconectar\u00e1. Adem\u00e1s, si este paquete de desconexi\u00f3n se env\u00eda continuamente, los suscriptores (Oyentes) que intenten conectarse no podr\u00e1n hacerlo. Desde el commit inicial del c\u00f3digo `SecurityManager.cpp` (`init`, `on_process_handshake`) el 8 de noviembre de 2016, la vulnerabilidad de desconexi\u00f3n en los paquetes RTPS utilizados por SROS2 ha estado presente antes de las versiones 2.13.0, 2.12.2, 2.11.3, 2.10.3 y 2.6.7."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-502xx/CVE-2023-50270.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-50270",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-02-20T10:15:08.140",
-  "lastModified": "2024-02-20T13:15:08.013",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-503xx/CVE-2023-50306.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-50306",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2024-02-20T14:15:08.237",
-  "lastModified": "2024-02-20T14:15:08.237",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-509xx/CVE-2023-50951.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-50951",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2024-02-17T16:15:46.443",
-  "lastModified": "2024-02-17T16:15:46.443",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts.  IBM X-Force ID:  275747."
+    },
+    {
+      "lang": "es",
+      "value": "IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 en algunas circunstancias registrar\u00e1n informaci\u00f3n confidencial sobre intentos de autorizaci\u00f3n no v\u00e1lidos. ID de IBM X-Force: 275747."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-514xx/CVE-2023-51447.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-51447",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2024-02-20T18:15:50.547",
-  "lastModified": "2024-02-20T18:15:50.547",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-517xx/CVE-2023-51770.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-51770",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-02-20T10:15:08.243",
-  "lastModified": "2024-02-20T13:15:08.077",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-51xx/CVE-2023-5190.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-5190",
   "sourceIdentifier": "security@liferay.com",
   "published": "2024-02-20T06:15:07.680",
-  "lastModified": "2024-02-20T06:15:07.680",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Open redirect vulnerability in the Countries Management\u2019s edit region page in Liferay Portal 7.4.3.45 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 45 through 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_address_web_internal_portlet_CountriesManagementAdminPortlet_redirect parameter."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de redireccionamiento abierto en la p\u00e1gina de edici\u00f3n de regi\u00f3n de Gesti\u00f3n de Pa\u00edses en Liferay Portal 7.4.3.45 a 7.4.3.101, y Liferay DXP 2023.Q3 antes del parche 6, y 7.4 actualizaci\u00f3n 45 a 92 permite a atacantes remotos redirigir a los usuarios a URL externas arbitrarias a trav\u00e9s de _com_liferay_address_web_internal_portlet_CountriesManagementAdminPortlet_redirect par\u00e1metro."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-520xx/CVE-2023-52097.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52097",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.403",
-  "lastModified": "2024-02-18T03:15:08.403",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of foreground service restrictions being bypassed in the NMS module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de las restricciones del servicio en primer plano que se omiten en el m\u00f3dulo NMS. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52357.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52357",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.590",
-  "lastModified": "2024-02-18T03:15:08.590",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de discrepancia entre serializaci\u00f3n y deserializaci\u00f3n en el framework de vibraci\u00f3n. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52358.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52358",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.640",
-  "lastModified": "2024-02-18T03:15:08.640",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de defectos de configuraci\u00f3n en algunas API del m\u00f3dulo de audio. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52360.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52360",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.683",
-  "lastModified": "2024-02-18T03:15:08.683",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect service integrity."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidades l\u00f3gicas en la banda base. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52361.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52361",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.730",
-  "lastModified": "2024-02-18T03:15:08.730",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity."
+    },
+    {
+      "lang": "es",
+      "value": "El m\u00f3dulo VerifiedBoot tiene una vulnerabilidad que puede causar errores de autenticaci\u00f3n. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52362.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52362",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.770",
-  "lastModified": "2024-02-18T03:15:08.770",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de gesti\u00f3n de permisos en el m\u00f3dulo de pantalla de bloqueo. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52363.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52363",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.810",
-  "lastModified": "2024-02-18T03:15:08.810",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by mistake."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de defectos introducidos en el proceso de dise\u00f1o en el m\u00f3dulo Panel de control. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar que los procesos de la aplicaci\u00f3n se inicien por error."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52365.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52365",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.850",
-  "lastModified": "2024-02-18T03:15:08.850",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de lectura fuera de los l\u00edmites en el m\u00f3dulo de reconocimiento de actividad inteligente. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar que las funciones funcionen de manera anormal."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52366.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52366",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.560",
-  "lastModified": "2024-02-18T04:15:07.560",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de lectura fuera de los l\u00edmites en el m\u00f3dulo de reconocimiento de actividad inteligente. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar que las funciones funcionen de manera anormal."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52367.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52367",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.647",
-  "lastModified": "2024-02-18T04:15:07.647",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of improper access control in the media library module.Successful exploitation of this vulnerability may affect service availability and integrity."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control de acceso inadecuado en el m\u00f3dulo de librer\u00eda multimedia. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad e integridad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52368.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52368",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.690",
-  "lastModified": "2024-02-18T04:15:07.690",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Input verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormally."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de verificaci\u00f3n de entrada en el m\u00f3dulo de cuenta. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar que las funciones funcionen de manera anormal."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52369.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52369",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.760",
-  "lastModified": "2024-02-18T04:15:07.760",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may affect service availability and integrity."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el m\u00f3dulo NFC. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad e integridad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52370.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52370",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.803",
-  "lastModified": "2024-02-18T04:15:07.803",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el m\u00f3dulo de aceleraci\u00f3n de red. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar acceso no autorizado a archivos."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52371.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52371",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.873",
-  "lastModified": "2024-02-18T04:15:07.873",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of null references in the motor module.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de referencias nulas en el m\u00f3dulo motor. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52372.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52372",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:07.940",
-  "lastModified": "2024-02-18T04:15:07.940",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de verificaci\u00f3n de par\u00e1metros de entrada en el m\u00f3dulo del motor. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52373.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52373",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:08.007",
-  "lastModified": "2024-02-18T04:15:08.007",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthorized file sharing."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de verificaci\u00f3n de permisos en el m\u00f3dulo emergente para compartir contenido. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar el intercambio de archivos no autorizado."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52374.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52374",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T04:15:08.050",
-  "lastModified": "2024-02-18T04:15:08.050",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Permission control vulnerability in the package management module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control de permisos en el m\u00f3dulo de gesti\u00f3n de paquetes. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52375.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52375",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T06:15:07.593",
-  "lastModified": "2024-02-18T06:15:07.593",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Permission control vulnerability in the WindowManagerServices module.Successful exploitation of this vulnerability may affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control de permisos en el m\u00f3dulo WindowManagerServices. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52376.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52376",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T06:15:08.290",
-  "lastModified": "2024-02-18T06:15:08.290",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de gesti\u00f3n de informaci\u00f3n en el m\u00f3dulo Galer\u00eda. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52377.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52377",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T06:15:08.340",
-  "lastModified": "2024-02-18T06:15:08.340",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de que los datos de entrada no se verifiquen en el m\u00f3dulo de datos m\u00f3viles. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar un acceso fuera de los l\u00edmites."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52378.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52378",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T07:15:08.793",
-  "lastModified": "2024-02-18T07:15:08.793",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of incorrect service logic in the WindowManagerServices module.Successful exploitation of this vulnerability may cause features to perform abnormally."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de l\u00f3gica de servicio incorrecta en el m\u00f3dulo WindowManagerServices. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar que las funciones funcionen de manera anormal."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52379.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52379",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T07:15:09.070",
-  "lastModified": "2024-02-18T07:15:09.070",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Permission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control de permisos en el m\u00f3dulo CalendarProvider. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52380.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52380",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T07:15:09.367",
-  "lastModified": "2024-02-18T07:15:09.367",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Vulnerability of improper access control in the email module.Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control de acceso inadecuado en el m\u00f3dulo de correo electr\u00f3nico. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52381.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52381",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T07:15:09.620",
-  "lastModified": "2024-02-18T07:15:09.620",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Script injection vulnerability in the email module.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de inyecci\u00f3n de script en el m\u00f3dulo de correo electr\u00f3nico. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad, integridad y disponibilidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-523xx/CVE-2023-52387.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-52387",
   "sourceIdentifier": "psirt@huawei.com",
   "published": "2024-02-18T03:15:08.920",
-  "lastModified": "2024-02-18T03:15:08.920",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de reutilizaci\u00f3n de recursos en el m\u00f3dulo GPU. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-524xx/CVE-2023-52433.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-52433",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-02-20T13:15:08.140",
-  "lastModified": "2024-02-20T18:15:50.740",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-524xx/CVE-2023-52434.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-52434",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-02-20T18:15:50.790",
-  "lastModified": "2024-02-20T18:15:50.790",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-524xx/CVE-2023-52435.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52435",
+  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+  "published": "2024-02-20T20:15:08.063",
+  "lastModified": "2024-02-20T20:15:08.063",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: prevent mss overflow in skb_segment()\n\nOnce again syzbot is able to crash the kernel in skb_segment() [1]\n\nGSO_BY_FRAGS is a forbidden value, but unfortunately the following\ncomputation in skb_segment() can reach it quite easily :\n\n\tmss = mss * partial_segs;\n\n65535 = 3 * 5 * 17 * 257, so many initial values of mss can lead to\na bad final result.\n\nMake sure to limit segmentation so that the new mss value is smaller\nthan GSO_BY_FRAGS.\n\n[1]\n\ngeneral protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 5079 Comm: syz-executor993 Not tainted 6.7.0-rc4-syzkaller-00141-g1ae4cd3cbdd0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R08: 0000000000000005 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff888063202ac0\nR13: 0000000000010000 R14: 000000000000ffff R15: 0000000000000046\nFS: 0000555556e7e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020010000 CR3: 0000000027ee2000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<TASK>\nudp6_ufo_fragment+0xa0e/0xd00 net/ipv6/udp_offload.c:109\nipv6_gso_segment+0x534/0x17e0 net/ipv6/ip6_offload.c:120\nskb_mac_gso_segment+0x290/0x610 net/core/gso.c:53\n__skb_gso_segment+0x339/0x710 net/core/gso.c:124\nskb_gso_segment include/net/gso.h:83 [inline]\nvalidate_xmit_skb+0x36c/0xeb0 net/core/dev.c:3626\n__dev_queue_xmit+0x6f3/0x3d60 net/core/dev.c:4338\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\npacket_xmit+0x257/0x380 net/packet/af_packet.c:276\npacket_snd net/packet/af_packet.c:3087 [inline]\npacket_sendmsg+0x24c6/0x5220 net/packet/af_packet.c:3119\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n__sys_sendto+0x255/0x340 net/socket.c:2190\n__do_sys_sendto net/socket.c:2202 [inline]\n__se_sys_sendto net/socket.c:2198 [inline]\n__x64_sys_sendto+0xe0/0x1b0 net/socket.c:2198\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7f8692032aa9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff8d685418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8692032aa9\nRDX: 0000000000010048 RSI: 00000000200000c0 RDI: 0000000000000003\nRBP: 00000000000f4240 R08: 0000000020000540 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8d685480\nR13: 0000000000000001 R14: 00007fff8d685480 R15: 0000000000000003\n</TASK>\nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R0\n---truncated---"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://git.kernel.org/stable/c/23d05d563b7e7b0314e65c8e882bc27eac2da8e7",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    },
+    {
+      "url": "https://git.kernel.org/stable/c/95b3904a261a9f810205da560e802cc326f50d77",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    }
+  ]
+}

CVE-2023/CVE-2023-54xx/CVE-2023-5455.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-5455",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2024-01-10T13:15:48.643",
-  "lastModified": "2024-01-26T02:15:07.177",
+  "lastModified": "2024-02-20T19:05:40.227",
-  "vulnStatus": "Undergoing Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
@@ -21,20 +21,20 @@
         "type": "Primary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
           "attackVector": "NETWORK",
           "attackComplexity": "LOW",
           "privilegesRequired": "NONE",
           "userInteraction": "REQUIRED",
           "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
+          "confidentialityImpact": "NONE",
           "integrityImpact": "HIGH",
           "availabilityImpact": "NONE",
-          "baseScore": 8.1,
+          "baseScore": 6.5,
-          "baseSeverity": "HIGH"
+          "baseSeverity": "MEDIUM"
         },
         "exploitabilityScore": 2.8,
-        "impactScore": 5.2
+        "impactScore": 3.6
       },
       {
         "source": "secalert@redhat.com",
@@ -500,11 +500,17 @@
     },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U76DAZZVY7V4XQBOOV5ETPTHW3A6MW5O/",
-      "source": "secalert@redhat.com"
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Mailing List"
+      ]
     },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFNUQH7IOHTKCTKQWFHONWGUBOUANL6I/",
-      "source": "secalert@redhat.com"
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Mailing List"
+      ]
     },
     {
       "url": "https://www.freeipa.org/release-notes/4-10-3.html",

CVE-2023/CVE-2023-57xx/CVE-2023-5779.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-5779",
   "sourceIdentifier": "vulnerabilities@zephyrproject.org",
   "published": "2024-02-18T08:15:06.917",
-  "lastModified": "2024-02-18T08:15:06.917",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "can: out of bounds in remove_rx_filter function"
+    },
+    {
+      "lang": "es",
+      "value": "puede: fuera de los l\u00edmites en la funci\u00f3n remove_rx_filter"
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-62xx/CVE-2023-6249.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6249",
   "sourceIdentifier": "vulnerabilities@zephyrproject.org",
   "published": "2024-02-18T08:15:07.223",
-  "lastModified": "2024-02-18T08:15:07.223",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Signed to unsigned conversion esp32_ipm_send"
+    },
+    {
+      "lang": "es",
+      "value": "Conversi\u00f3n firmada a no firmada esp32_ipm_send"
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-62xx/CVE-2023-6259.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6259",
   "sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8",
   "published": "2024-02-19T22:15:48.253",
-  "lastModified": "2024-02-19T22:15:48.253",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Credenciales insuficientemente protegidas: vulnerabilidad de control de acceso inadecuado en Brivo ACS100, ACS300 permite la explotaci\u00f3n de la recuperaci\u00f3n de contrase\u00f1as, evitando la seguridad f\u00edsica. Este problema afecta a ACS100, ACS300: desde 5.2.4 antes de 6.2.4.3."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-62xx/CVE-2023-6260.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6260",
   "sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8",
   "published": "2024-02-19T22:15:48.460",
-  "lastModified": "2024-02-19T22:15:48.460",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyecci\u00f3n de comando del sistema operativo') en Brivo ACS100, ACS300 permite la inyecci\u00f3n de comandos del sistema operativo, evitando la seguridad f\u00edsica. Este problema afecta a ACS100 (acceso adyacente a la red), ACS300 (acceso f\u00edsico): desde 5.2 .4 antes del 6.2.4.3."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-63xx/CVE-2023-6397.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6397",
   "sourceIdentifier": "security@zyxel.com.tw",
   "published": "2024-02-20T02:15:48.793",
-  "lastModified": "2024-02-20T02:15:48.793",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "\n\n\n\n\n\n\n\n\n\n\n\nA null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the \u201cAnti-Malware\u201d feature enabled.\n\n\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de desreferencia de puntero nulo en las versiones de firmware de la serie Zyxel ATP desde 4.32 hasta 5.37 parche 1 y en las versiones de firmware de la serie USG FLEX desde 4.50 hasta 5.37 parche 1 podr\u00eda permitir que un atacante basado en LAN provoque condiciones de denegaci\u00f3n de servicio (DoS) descargando un archivo comprimido RAR creado en un host del lado LAN si el firewall tiene habilitada la funci\u00f3n \u201cAnti-Malware\u201d."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-63xx/CVE-2023-6398.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6398",
   "sourceIdentifier": "security@zyxel.com.tw",
   "published": "2024-02-20T02:15:49.110",
-  "lastModified": "2024-02-20T03:15:07.650",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de inyecci\u00f3n de comando posterior a la autenticaci\u00f3n en el binario de carga de archivos en las versiones de firmware de la serie Zyxel ATP de 4.32 a 5.37, parche 1, versiones de firmware de la serie USG FLEX de 4.50 a 5.37, parche 1, versiones de firmware de la serie USG FLEX 50(W) de 4.16 a 5.37 Parche 1, versiones de firmware de la serie USG20(W)-VPN desde 4.16 hasta 5.37 Parche 1, versiones de firmware NWA50AX hasta 6.29(ABYW.3), versiones de firmware WAC500 hasta 6.65(ABVS.1), versiones de firmware WAX300H hasta 6.60(ACHF.1 ), y las versiones de firmware WBE660S hasta 6.65 (ACGG.1) podr\u00edan permitir que un atacante autenticado con privilegios de administrador ejecute algunos comandos del sistema operativo (SO) en un dispositivo afectado a trav\u00e9s de FTP."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-63xx/CVE-2023-6399.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6399",
   "sourceIdentifier": "security@zyxel.com.tw",
   "published": "2024-02-20T02:15:49.407",
-  "lastModified": "2024-02-20T02:15:49.407",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the \u201cdeviceid\u201d daemon by sending a crafted hostname to an affected device if it has the \u201cDevice Insight\u201d feature enabled."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de cadena de formato en las versiones de firmware de la serie Zyxel ATP desde 4.32 hasta 5.37 Parche 1, versiones de firmware de la serie USG FLEX desde 4.50 hasta 5.37 Parche 1, versiones de firmware de la serie USG FLEX 50(W) desde 4.16 hasta 5.37 Parche 1 y USG20(W) -Las versiones de firmware de la serie VPN desde la 4.16 hasta la 5.37, parche 1, podr\u00edan permitir que un usuario de VPN IPSec autenticado provoque condiciones DoS contra el demonio \"deviceid\" enviando un nombre de host manipulado a un dispositivo afectado si tiene habilitada la funci\u00f3n \"Device Insight\"."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-67xx/CVE-2023-6749.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6749",
   "sourceIdentifier": "vulnerabilities@zephyrproject.org",
   "published": "2024-02-18T07:15:10.047",
-  "lastModified": "2024-02-18T07:15:10.047",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Unchecked length coming from user input in settings shell"
+    },
+    {
+      "lang": "es",
+      "value": "Longitud no marcada proveniente de la entrada del usuario en el shell de configuraci\u00f3n"
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-67xx/CVE-2023-6764.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6764",
   "sourceIdentifier": "security@zyxel.com.tw",
   "published": "2024-02-20T03:15:07.870",
-  "lastModified": "2024-02-20T03:15:07.870",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "\n\n\n\n\n\n\n\n\n\n\n\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\u2019s memory layout and configuration.\n\n\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de cadena de formato en una funci\u00f3n de la funci\u00f3n VPN IPSec en las versiones de firmware de la serie Zyxel ATP de 4.32 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX de 4.50 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX 50(W) de 4.16 a 5.37 El parche 1 y las versiones de firmware de la serie USG20(W)-VPN desde 4.16 hasta 5.37. El parche 1 podr\u00eda permitir a un atacante lograr la ejecuci\u00f3n remota no autorizada de c\u00f3digo enviando una secuencia de payloads especialmente manipulados que contengan un puntero no v\u00e1lido; sin embargo, un ataque de este tipo requerir\u00eda un conocimiento detallado del dise\u00f1o y la configuraci\u00f3n de la memoria del dispositivo afectado."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-72xx/CVE-2023-7245.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-7245",
   "sourceIdentifier": "security@openvpn.net",
   "published": "2024-02-20T11:15:07.750",
-  "lastModified": "2024-02-20T11:15:07.750",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRON_RUN_AS_NODE environment variable\n"
+    },
+    {
+      "lang": "es",
+      "value": "El framework nodejs en OpenVPN Connect 3.0 a 3.4.3 (Windows)/3.4.7 (macOS) no se configur\u00f3 correctamente, lo que permite a un usuario local ejecutar c\u00f3digo arbitrario dentro del contexto del proceso nodejs a trav\u00e9s de la variable de entorno ELECTRON_RUN_AS_NODE"
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-06xx/CVE-2024-0610.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-0610",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-02-17T08:15:07.680",
-  "lastModified": "2024-02-17T08:15:07.680",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento WooCommerce Payment Gateway de Piraeus Bank para WordPress es vulnerable a la inyecci\u00f3n SQL ciega basada en el tiempo a trav\u00e9s del par\u00e1metro 'MerchantReference' en todas las versiones hasta la 1.6.5.1 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-07xx/CVE-2024-0715.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-0715",
   "sourceIdentifier": "hirt@hitachi.co.jp",
   "published": "2024-02-20T02:15:49.720",
-  "lastModified": "2024-02-20T02:15:49.720",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La vulnerabilidad de inyecci\u00f3n de lenguaje de expresi\u00f3n en Hitachi Global Link Manager en Windows permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a Hitachi Global Link Manager: versiones anteriores a 8.8.7-03."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-07xx/CVE-2024-0794.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-0794",
   "sourceIdentifier": "hp-security-alert@hp.com",
   "published": "2024-02-20T18:15:50.840",
-  "lastModified": "2024-02-20T18:15:50.840",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-11xx/CVE-2024-1155.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1155",
   "sourceIdentifier": "security@ni.com",
   "published": "2024-02-20T15:15:09.703",
-  "lastModified": "2024-02-20T15:15:09.703",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-11xx/CVE-2024-1156.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1156",
   "sourceIdentifier": "security@ni.com",
   "published": "2024-02-20T15:15:09.910",
-  "lastModified": "2024-02-20T15:15:09.910",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-12xx/CVE-2024-1297.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1297",
   "sourceIdentifier": "help@fluidattacks.com",
   "published": "2024-02-20T00:15:14.463",
-  "lastModified": "2024-02-20T00:15:14.463",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Loomio version 2.22.0 allows executing arbitrary commands on the server.\n\nThis is possible because the application is vulnerable to OS Command Injection.\n\n\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La versi\u00f3n 2.22.0 de Loomio permite ejecutar comandos arbitrarios en el servidor. Esto es posible porque la aplicaci\u00f3n es vulnerable a la inyecci\u00f3n de comandos del sistema operativo."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-13xx/CVE-2024-1343.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1343",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2024-02-19T12:15:44.413",
-  "lastModified": "2024-02-19T12:15:44.413",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A weak permission was found in the backup directory in LaborOfficeFree affecting version 19.10. This vulnerability allows any authenticated user to read backup files in the directory '%programfiles(x86)% LaborOfficeFree BackUp'."
+    },
+    {
+      "lang": "es",
+      "value": "Se encontr\u00f3 un permiso d\u00e9bil en el directorio de respaldo en LaborOfficeFree que afecta la versi\u00f3n 19.10. Esta vulnerabilidad permite que cualquier usuario autenticado lea archivos de respaldo en el directorio '%programfiles(x86)% LaborOfficeFree BackUp'."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-13xx/CVE-2024-1344.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1344",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2024-02-19T12:15:44.617",
-  "lastModified": "2024-02-19T12:15:44.617",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of 'LOF_service.exe' and 'LaborOfficeFree.exe' located in the '%programfiles(x86)%\\LaborOfficeFree\\' directory. This user can log in remotely and has root-like privileges."
+    },
+    {
+      "lang": "es",
+      "value": "Credenciales de base de datos cifradas en LaborOfficeFree que afectan a la versi\u00f3n 19.10. Esta vulnerabilidad permite a un atacante leer y extraer el nombre de usuario y la contrase\u00f1a de la base de datos de 'LOF_service.exe' y 'LaborOfficeFree.exe' ubicada en el directorio '%programfiles(x86)%\\LaborOfficeFree\\'. Este usuario puede iniciar sesi\u00f3n de forma remota y tiene privilegios similares a los de root."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-13xx/CVE-2024-1345.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1345",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2024-02-19T12:15:44.803",
-  "lastModified": "2024-02-19T12:15:44.803",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password."
+    },
+    {
+      "lang": "es",
+      "value": "La contrase\u00f1a ra\u00edz d\u00e9bil de la base de datos MySQL en LaborOfficeFree afecta la versi\u00f3n 19.10. Esta vulnerabilidad permite a un atacante realizar un ataque de fuerza bruta y descubrir f\u00e1cilmente la contrase\u00f1a de root."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-13xx/CVE-2024-1346.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1346",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2024-02-19T12:15:45.000",
-  "lastModified": "2024-02-19T12:15:45.000",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants."
+    },
+    {
+      "lang": "es",
+      "value": "La contrase\u00f1a ra\u00edz d\u00e9bil de la base de datos MySQL en LaborOfficeFree afecta la versi\u00f3n 19.10. Esta vulnerabilidad permite a un atacante calcular la contrase\u00f1a ra\u00edz de la base de datos MySQL utilizada por LaborOfficeFree utilizando dos constantes."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-15xx/CVE-2024-1510.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1510",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-02-20T03:15:08.077",
-  "lastModified": "2024-02-20T03:15:08.077",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento WP Shortcodes Plugin \u2014 Shortcodes Ultimate para WordPress es vulnerable a Cross-Site Scripting Almacenado, a trav\u00e9s del c\u00f3digo abreviado su_tooltip del complemento en todas las versiones hasta la 7.0.2 incluida, debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos y etiquetas proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-15xx/CVE-2024-1512.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1512",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-02-17T08:15:08.093",
-  "lastModified": "2024-02-17T08:15:08.093",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education para WordPress es vulnerable a la inyecci\u00f3n SQL basada en uni\u00f3n a trav\u00e9s del par\u00e1metro 'user' de la ruta REST /lms/stm-lms/order/items en todas las versiones hasta, e incluyendo, 3.2.5 debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-15xx/CVE-2024-1546.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1546",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.477",
-  "lastModified": "2024-02-20T14:15:08.477",
+  "lastModified": "2024-02-20T20:15:08.167",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1547.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1547",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.547",
-  "lastModified": "2024-02-20T14:15:08.547",
+  "lastModified": "2024-02-20T20:15:08.220",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1548.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1548",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.603",
-  "lastModified": "2024-02-20T14:15:08.603",
+  "lastModified": "2024-02-20T20:15:08.267",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1549.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1549",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.683",
-  "lastModified": "2024-02-20T14:15:08.683",
+  "lastModified": "2024-02-20T20:15:08.317",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1550.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1550",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.733",
-  "lastModified": "2024-02-20T14:15:08.733",
+  "lastModified": "2024-02-20T20:15:08.370",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1551.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1551",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.790",
-  "lastModified": "2024-02-20T14:15:08.790",
+  "lastModified": "2024-02-20T20:15:08.413",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1552.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1552",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.840",
-  "lastModified": "2024-02-20T14:15:08.840",
+  "lastModified": "2024-02-20T20:15:08.460",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. *Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1553.json

@@ -2,12 +2,12 @@
   "id": "CVE-2024-1553",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.903",
-  "lastModified": "2024-02-20T14:15:08.903",
+  "lastModified": "2024-02-20T20:15:08.510",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8."
+      "value": "Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8."
     }
   ],
   "metrics": {},
@@ -23,6 +23,10 @@
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/",
       "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/",
+      "source": "security@mozilla.org"
     }
   ]
 }

CVE-2024/CVE-2024-15xx/CVE-2024-1554.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1554",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:08.960",
-  "lastModified": "2024-02-20T14:15:08.960",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-15xx/CVE-2024-1555.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1555",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:09.007",
-  "lastModified": "2024-02-20T14:15:09.007",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-15xx/CVE-2024-1556.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1556",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:09.053",
-  "lastModified": "2024-02-20T14:15:09.053",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-15xx/CVE-2024-1557.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1557",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2024-02-20T14:15:09.100",
-  "lastModified": "2024-02-20T14:15:09.100",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-15xx/CVE-2024-1559.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1559",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-02-20T04:15:07.330",
-  "lastModified": "2024-02-20T04:15:07.330",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'll_reciprocal' parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento Link Library para WordPress es vulnerable a Cross-Site Scripting Almacenado, a trav\u00e9s del par\u00e1metro 'll_reciprocal' en todas las versiones hasta la 7.6 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-15xx/CVE-2024-1580.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1580",
   "sourceIdentifier": "cve-coordination@google.com",
   "published": "2024-02-19T11:15:08.817",
-  "lastModified": "2024-02-19T11:15:08.817",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-15xx/CVE-2024-1597.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-1597",
   "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
   "published": "2024-02-19T13:15:07.740",
-  "lastModified": "2024-02-19T13:15:07.740",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-16xx/CVE-2024-1608.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1608",
   "sourceIdentifier": "security@oppo.com",
   "published": "2024-02-20T09:15:08.877",
-  "lastModified": "2024-02-20T09:15:08.877",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction."
+    },
+    {
+      "lang": "es",
+      "value": "En OPPO Usercenter Credit SDK, existe una posible escalada de privilegios debido a una verificaci\u00f3n de permisos suelta, lo que podr\u00eda provocar una fuga de informaci\u00f3n interna de la aplicaci\u00f3n sin interacci\u00f3n del usuario."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-16xx/CVE-2024-1633.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1633",
   "sourceIdentifier": "cve@asrg.io",
   "published": "2024-02-19T17:15:08.347",
-  "lastModified": "2024-02-19T17:15:08.347",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "During the secure boot, bl2 (the second stage of\nthe bootloader) loops over images defined in the table \u201cbl2_mem_params_descs\u201d.\nFor each image, the bl2 reads the image length and destination from the image\u2019s\ncertificate.\u00a0Because of the way of reading from the image, which base on\u00a032-bit unsigned integer value, it can result to\u00a0an integer overflow.\u00a0An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot.\n\n Affected git version from\u00a0c2f286820471ed276c57e603762bd831873e5a17 until (not\u00a0\n"
+    },
+    {
+      "lang": "es",
+      "value": "Durante el arranque seguro, bl2 (la segunda etapa del gestor de arranque) recorre las im\u00e1genes definidas en la tabla \"bl2_mem_params_descs\". Para cada imagen, el bl2 lee la longitud y el destino de la imagen en el certificado de la imagen. Debido a la forma de leer la imagen, que se basa en un valor entero sin signo de 32 bits, puede provocar un desbordamiento de enteros. Un atacante puede eludir la restricci\u00f3n del rango de memoria y escribir datos fuera de los l\u00edmites del b\u00fafer, lo que podr\u00eda provocar la omisi\u00f3n del inicio seguro. Versi\u00f3n de git afectada desde c2f286820471ed276c57e603762bd831873e5a17 hasta (no"
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-16xx/CVE-2024-1635.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1635",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2024-02-19T22:15:48.647",
-  "lastModified": "2024-02-19T22:15:48.647",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak."
+    },
+    {
+      "lang": "es",
+      "value": "Se encontr\u00f3 una vulnerabilidad en Undertow. Esta vulnerabilidad afecta a un servidor que admite el protocolo wildfly-http-client. Siempre que un usuario malintencionado abre y cierra una conexi\u00f3n con el puerto HTTP del servidor y luego cierra la conexi\u00f3n inmediatamente, el servidor finalizar\u00e1 con los l\u00edmites de memoria y de archivos abiertos agotados en alg\u00fan momento, dependiendo de la cantidad de memoria disponible. En la actualizaci\u00f3n HTTP a comunicaci\u00f3n remota, WriteTimeoutStreamSinkConduit pierde conexiones si RemotingConnection se cierra mediante Remoting ServerConnectionOpenListener. Debido a que la conexi\u00f3n remota se origina en Undertow como parte de la actualizaci\u00f3n HTTP, existe una capa externa a la conexi\u00f3n remota. Esta conexi\u00f3n desconoce la capa m\u00e1s externa al cerrar la conexi\u00f3n durante el procedimiento de apertura de la conexi\u00f3n. Por lo tanto, Undertow WriteTimeoutStreamSinkConduit no recibe notificaci\u00f3n de la conexi\u00f3n cerrada en este escenario. Debido a que WriteTimeoutStreamSinkConduit crea una tarea de tiempo de espera, todo el \u00e1rbol de dependencia se filtra a trav\u00e9s de esa tarea, que se agrega a XNIO WorkerThread. Entonces, el hilo de trabajo apunta al conducto Undertow, que contiene las conexiones y causa la fuga."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-16xx/CVE-2024-1638.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1638",
   "sourceIdentifier": "vulnerabilities@zephyrproject.org",
   "published": "2024-02-19T22:15:48.837",
-  "lastModified": "2024-02-19T22:15:48.837",
+  "lastModified": "2024-02-20T19:50:53.960",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these additional permissions are not set (even in secure connections only mode) then the stack does not perform any permission checks on these characteristics and they can be freely written/read."
+    },
+    {
+      "lang": "es",
+      "value": "La documentaci\u00f3n especifica que BT_GATT_PERM_READ_LESC y BT_GATT_PERM_WRITE_LESC definen para una caracter\u00edstica de Bluetooth: Atributo permiso de lectura/escritura con cifrado LE Secure Connection. Si est\u00e1 configurado, requiere que se utilice LE Secure Connections para acceso de lectura/escritura; sin embargo, esto solo es cierto cuando se combina con otros permisos, a saber, BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (para lectura) o BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (para escritura), si estos permisos adicionales no est\u00e1n configurados (incluso en el modo de solo conexiones seguras), entonces la pila no realiza ninguna verificaci\u00f3n de permisos sobre estas caracter\u00edsticas y se pueden escribir/leer libremente."
     }
   ],
   "metrics": {