diff --git a/CVE-2020/CVE-2020-153xx/CVE-2020-15368.json b/CVE-2020/CVE-2020-153xx/CVE-2020-15368.json index 584b93e7a93..fab650b4ac9 100644 --- a/CVE-2020/CVE-2020-153xx/CVE-2020-15368.json +++ b/CVE-2020/CVE-2020-153xx/CVE-2020-15368.json @@ -2,8 +2,8 @@ "id": "CVE-2020-15368", "sourceIdentifier": "cve@mitre.org", "published": "2020-06-29T21:15:13.917", - "lastModified": "2020-07-09T14:01:55.107", - "vulnStatus": "Analyzed", + "lastModified": "2024-04-03T12:15:09.637", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -111,6 +111,10 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://github.com/stong/CVE-2020-15368?tab=readme-ov-file", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-273xx/CVE-2021-27312.json b/CVE-2021/CVE-2021-273xx/CVE-2021-27312.json index fe479d00f4a..428d4e1dbbb 100644 --- a/CVE-2021/CVE-2021-273xx/CVE-2021-27312.json +++ b/CVE-2021/CVE-2021-273xx/CVE-2021-27312.json @@ -2,12 +2,16 @@ "id": "CVE-2021-27312", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T06:15:07.350", - "lastModified": "2024-04-03T06:15:07.350", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Server Side Request Forgery (SSRF) vulnerability in Gleez Cms 1.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Server Side Request Forgery (SSRF) en Gleez Cms 1.2.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s de module/gleez/classes/request.php." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-256xx/CVE-2023-25699.json b/CVE-2023/CVE-2023-256xx/CVE-2023-25699.json new file mode 100644 index 00000000000..c8ad081ada1 --- /dev/null +++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25699.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25699", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T13:15:59.923", + "lastModified": "2024-04-03T13:15:59.923", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/videowhisper-live-streaming-integration/wordpress-broadcast-live-video-live-streaming-html5-webrtc-hls-rtsp-rtmp-plugin-5-5-15-remote-code-execution-rce?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34423.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34423.json index 6729d906079..dc126486a21 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34423.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34423.json @@ -2,12 +2,16 @@ "id": "CVE-2023-34423", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-04-03T08:15:48.990", - "lastModified": "2024-04-03T08:15:48.990", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Survey Maker prior to 3.6.4 contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product with the administrative privilege." + }, + { + "lang": "es", + "value": "Survey Maker anterior a 3.6.4 contiene una vulnerabilidad de Cross Site Scripting almacenadas. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que inicia sesi\u00f3n en el sitio web utilizando el producto con privilegios administrativos." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35764.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35764.json index 894bcb99569..96cab2c1d04 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35764.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35764.json @@ -2,12 +2,16 @@ "id": "CVE-2023-35764", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-04-03T08:15:49.057", - "lastModified": "2024-04-03T08:15:49.057", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Insufficient verification of data authenticity issue in Survey Maker prior to 3.6.4 allows a remote unauthenticated attacker to spoof an IP address when posting." + }, + { + "lang": "es", + "value": "El problema de verificaci\u00f3n insuficiente de la autenticidad de los datos en Survey Maker antes de la versi\u00f3n 3.6.4 permite que un atacante remoto no autenticado falsifique una direcci\u00f3n IP al publicar." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-387xx/CVE-2023-38729.json b/CVE-2023/CVE-2023-387xx/CVE-2023-38729.json new file mode 100644 index 00000000000..0041b3ca9e4 --- /dev/null +++ b/CVE-2023/CVE-2023-387xx/CVE-2023-38729.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-38729", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:00.150", + "lastModified": "2024-04-03T13:16:00.150", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. IBM X-Force ID: 262259." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145721", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-522xx/CVE-2023-52296.json b/CVE-2023/CVE-2023-522xx/CVE-2023-52296.json new file mode 100644 index 00000000000..b2eeea2f271 --- /dev/null +++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52296.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-52296", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:00.360", + "lastModified": "2024-04-03T13:16:00.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/278547", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145722", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0172.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0172.json index df8866e4aad..2ce8a244443 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0172.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0172.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0172", "sourceIdentifier": "security_alert@emc.com", "published": "2024-04-03T10:15:08.030", - "lastModified": "2024-04-03T10:15:08.030", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation." + }, + { + "lang": "es", + "value": "El BIOS del servidor Dell PowerEdge y el BIOS del rack Dell Precision contienen una vulnerabilidad de seguridad de administraci\u00f3n de privilegios inadecuada. Un atacante local no autenticado podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una escalada de privilegios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json index f47fc551f32..d6fe50efb52 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1023", "sourceIdentifier": "secalert@redhat.com", "published": "2024-03-27T08:15:38.140", - "lastModified": "2024-03-27T12:29:30.307", + "lastModified": "2024-04-03T13:16:00.733", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -16,6 +16,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1023", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json index 62481f5b041..2dc154584ac 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1300", "sourceIdentifier": "secalert@redhat.com", "published": "2024-04-02T08:15:53.993", - "lastModified": "2024-04-02T12:50:42.233", + "lastModified": "2024-04-03T13:16:00.813", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -16,6 +16,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1300", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1327.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1327.json index 027e5d77b6e..424e221d49a 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1327.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1327.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1327", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-03T03:15:08.703", - "lastModified": "2024-04-03T03:15:08.703", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's image box widget in all versions up to, and including, 2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Jeg Elementor Kit para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del widget de cuadro de imagen del complemento en todas las versiones hasta la 2.6.3 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1394.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1394.json index 7c05ea4e321..2efc41f5079 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1394.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1394.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1394", "sourceIdentifier": "secalert@redhat.com", "published": "2024-03-21T13:00:08.037", - "lastModified": "2024-04-03T00:15:08.400", + "lastModified": "2024-04-03T13:16:00.903", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -79,6 +79,10 @@ "url": "https://access.redhat.com/errata/RHSA-2024:1563", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1574", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2024:1640", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1979.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1979.json index a9469aea6df..4a821ad0d09 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1979.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1979.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1979", "sourceIdentifier": "secalert@redhat.com", "published": "2024-03-13T10:15:08.153", - "lastModified": "2024-03-13T12:33:51.697", + "lastModified": "2024-04-03T13:16:01.070", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Quarkus. En ciertas condiciones relacionadas con el proceso de CI, las credenciales de git podr\u00edan publicarse sin darse cuenta, lo que podr\u00eda poner en riesgo el repositorio de git." } ], "metrics": { @@ -47,6 +51,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1979", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22360.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22360.json new file mode 100644 index 00000000000..c4a11558a2c --- /dev/null +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22360.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22360", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:01.183", + "lastModified": "2024-04-03T13:16:01.183", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/280905", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145730", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2322.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2322.json index 10bd7ee2846..ab512fe4586 100644 --- a/CVE-2024/CVE-2024-23xx/CVE-2024-2322.json +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2322.json @@ -2,12 +2,16 @@ "id": "CVE-2024-2322", "sourceIdentifier": "contact@wpscan.com", "published": "2024-04-03T05:15:47.920", - "lastModified": "2024-04-03T05:15:47.920", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email templates as well as delete and unsubscribe users from abandoned orders via CSRF attacks." + }, + { + "lang": "es", + "value": "El complemento WooCommerce Cart Abandonment Recovery de WordPress anterior a 1.2.27 no tiene verificaci\u00f3n CSRF en sus acciones masivas, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados eliminen plantillas de correo electr\u00f3nico arbitrarias, as\u00ed como eliminar y cancelar la suscripci\u00f3n de usuarios de pedidos abandonados a trav\u00e9s de ataques CSRF." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24506.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24506.json index fddd77a324f..30a2d4db349 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24506.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24506.json @@ -2,12 +2,16 @@ "id": "CVE-2024-24506", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T07:15:42.663", - "lastModified": "2024-04-03T07:15:42.663", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross Site Scripting (XSS) en Lime Survey Community Edition versi\u00f3n v.5.3.32+220817, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de direcci\u00f3n de correo electr\u00f3nico del administrador en la funci\u00f3n de configuraci\u00f3n general." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-247xx/CVE-2024-24707.json b/CVE-2024/CVE-2024-247xx/CVE-2024-24707.json new file mode 100644 index 00000000000..f078ca93ada --- /dev/null +++ b/CVE-2024/CVE-2024-247xx/CVE-2024-24707.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-24707", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T13:16:01.383", + "lastModified": "2024-04-03T13:16:01.383", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Cwicly Builder, SL. Cwicly allows Code Injection.This issue affects Cwicly: from n/a through 1.4.0.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cwicly/wordpress-cwicly-plugin-1-4-0-2-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://snicco.io/vulnerability-disclosure/cwicly/remote-code-execution-cwicly-1-4-0-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-247xx/CVE-2024-24724.json b/CVE-2024/CVE-2024-247xx/CVE-2024-24724.json index abfce0adf93..ec6b6960000 100644 --- a/CVE-2024/CVE-2024-247xx/CVE-2024-24724.json +++ b/CVE-2024/CVE-2024-247xx/CVE-2024-24724.json @@ -2,12 +2,16 @@ "id": "CVE-2024-24724", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:09.173", - "lastModified": "2024-04-03T03:15:09.173", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization." + }, + { + "lang": "es", + "value": "Gibbon hasta 26.0.00 permite /modules/School%20Admin/messengerSettings.php la inyecci\u00f3n de plantilla del lado del servidor que conduce a la ejecuci\u00f3n remota de c\u00f3digo porque la entrada se pasa al motor de plantilla Twig (messengerSettings.php) sin sanitizaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25030.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25030.json new file mode 100644 index 00000000000..19ac99daa56 --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25030.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-25030", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:01.590", + "lastModified": "2024-04-03T13:16:01.590", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/281677", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145725", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25046.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25046.json new file mode 100644 index 00000000000..ae81baa01de --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25046.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-25046", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:01.790", + "lastModified": "2024-04-03T13:16:01.790", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/282953", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145726", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25075.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25075.json index c18f16d556f..f885a73b2a8 100644 --- a/CVE-2024/CVE-2024-250xx/CVE-2024-25075.json +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25075.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25075", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T21:15:45.900", - "lastModified": "2024-04-02T21:15:45.900", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription with a very low MaxNotificationPerPublish parameter is created, a publish response is mishandled, leading to memory consumption. When that happens often enough, the device will be out of memory, i.e., a denial of service." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Softing uaToolkit Embedded antes de la versi\u00f3n 1.41.1. Cuando se crea una suscripci\u00f3n con un par\u00e1metro MaxNotificationPerPublish muy bajo, se maneja mal una respuesta de publicaci\u00f3n, lo que genera consumo de memoria. Cuando esto sucede con suficiente frecuencia, el dispositivo se quedar\u00e1 sin memoria, es decir, se producir\u00e1 una denegaci\u00f3n de servicio." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25096.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25096.json new file mode 100644 index 00000000000..3bd3fcc4fa5 --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25096.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25096", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T13:16:02.017", + "lastModified": "2024-04-03T13:16:02.017", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/canto/wordpress-canto-plugin-3-0-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25864.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25864.json index 1b0f9c60756..348c0909668 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25864.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25864.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25864", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:09.350", - "lastModified": "2024-04-03T03:15:09.350", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Server Side Request Forgery (SSRF) en las versiones de Friendica posteriores a la v.2023.12 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del componente fpostit.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25918.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25918.json new file mode 100644 index 00000000000..f8af40a8f4f --- /dev/null +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25918.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25918", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:10.537", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP Team InstaWP Connect allows Code Injection.This issue affects InstaWP Connect: from n/a through 0.1.0.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-264xx/CVE-2024-26495.json b/CVE-2024/CVE-2024-264xx/CVE-2024-26495.json index 13a15341eac..2c71d0d1e75 100644 --- a/CVE-2024/CVE-2024-264xx/CVE-2024-26495.json +++ b/CVE-2024/CVE-2024-264xx/CVE-2024-26495.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26495", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:09.533", - "lastModified": "2024-04-03T03:15:09.533", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the BBCode tags in the post content and post comments function." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross Site Scripting (XSS) en las versiones de Friendica posteriores a la v.2023.12 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s de las etiquetas BBCode en el contenido de la publicaci\u00f3n y en la funci\u00f3n de comentarios de la publicaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27191.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27191.json new file mode 100644 index 00000000000..bf67b70dd91 --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27191.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27191", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:11.123", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Inpersttion Slivery Extender allows Code Injection.This issue affects Slivery Extender: from n/a through 1.0.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/slivery-extender/wordpress-slivery-extender-plugin-1-0-2-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27254.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27254.json new file mode 100644 index 00000000000..b4f4e8745ab --- /dev/null +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27254.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-27254", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T13:16:02.220", + "lastModified": "2024-04-03T13:16:02.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/283813", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145727", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27602.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27602.json index 7817df3bd32..d865c24b6f3 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27602.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27602.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27602", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T21:15:45.957", - "lastModified": "2024-04-02T21:15:45.957", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface documents have been leaked.For example, the /api/system/v2/api-docs module." + }, + { + "lang": "es", + "value": "Alldata V0.4.6 es vulnerable a un control de acceso incorrecto. Se han filtrado un total de muchos documentos de interfaz de m\u00f3dulos. Por ejemplo, el m\u00f3dulo /api/system/v2/api-docs." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27604.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27604.json index 9b4c7c43e7a..c0305f5a63b 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27604.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27604.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27604", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T21:15:46.010", - "lastModified": "2024-04-02T21:15:46.010", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Alldata V0.4.6 is vulnerable to Command execution vulnerability. System commands can be deserialized." + }, + { + "lang": "es", + "value": "Alldata V0.4.6 es vulnerable a la vulnerabilidad de ejecuci\u00f3n de comandos. Los comandos del sistema se pueden deserializar." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27605.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27605.json index fda1685ae39..224e79f5a41 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27605.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27605.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27605", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T21:15:46.060", - "lastModified": "2024-04-02T21:15:46.060", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test) can query information about the users in the system." + }, + { + "lang": "es", + "value": "Alldata V0.4.6 es vulnerable a permisos inseguros. El uso de usuarios (prueba) puede consultar informaci\u00f3n sobre los usuarios en el sistema." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27951.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27951.json new file mode 100644 index 00000000000..edd1719b23f --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27951.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27951", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:11.690", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin \u2013 MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin \u2013 MPG: from n/a through 3.4.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/multiple-pages-generator-by-porthas/wordpress-multiple-page-generator-plugin-3-4-0-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27972.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27972.json new file mode 100644 index 00000000000..69ee0bfb989 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27972.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27972", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:12.187", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection.This issue affects WP Fusion Lite: from n/a through 3.41.24.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-fusion-lite/wordpress-wp-fusion-lite-plugin-3-41-24-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-282xx/CVE-2024-28219.json b/CVE-2024/CVE-2024-282xx/CVE-2024-28219.json index 2e219ad52f6..da03dd5011d 100644 --- a/CVE-2024/CVE-2024-282xx/CVE-2024-28219.json +++ b/CVE-2024/CVE-2024-282xx/CVE-2024-28219.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28219", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:09.710", - "lastModified": "2024-04-03T03:15:09.710", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy." + }, + { + "lang": "es", + "value": "En _imagingcms.c en Pillow anterior a 10.3.0, existe un desbordamiento del b\u00fafer porque se usa strcpy en lugar de strncpy." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-285xx/CVE-2024-28515.json b/CVE-2024/CVE-2024-285xx/CVE-2024-28515.json index bf3512a2864..9a2bc934df0 100644 --- a/CVE-2024/CVE-2024-285xx/CVE-2024-28515.json +++ b/CVE-2024/CVE-2024-285xx/CVE-2024-28515.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28515", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T07:15:44.240", - "lastModified": "2024-04-03T07:15:44.240", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de desbordamiento de b\u00fafer en CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente lab3 del csapp,lab3/buflab-update.pl." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-285xx/CVE-2024-28589.json b/CVE-2024/CVE-2024-285xx/CVE-2024-28589.json index 48b7e8bdf60..24f601c12c9 100644 --- a/CVE-2024/CVE-2024-285xx/CVE-2024-28589.json +++ b/CVE-2024/CVE-2024-285xx/CVE-2024-28589.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28589", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T08:15:49.117", - "lastModified": "2024-04-03T08:15:49.117", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Axigen Mail Server para Windows versiones 10.5.18 y anteriores, que permite a atacantes locales con pocos privilegios ejecutar c\u00f3digo arbitrario y escalar privilegios mediante la carga insegura de DLL desde un directorio de escritura mundial durante la inicializaci\u00f3n del servicio." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28755.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28755.json index 3f07fe09ee6..7bb535e7bc9 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28755.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28755.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28755", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:10.140", - "lastModified": "2024-04-03T03:15:10.140", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection, potentially resulting in a Denial of Service or forced version downgrade from TLS 1.3 to TLS 1.2." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Mbed TLS 3.5.x anterior a 3.6.0. Cuando se restableci\u00f3 un contexto SSL con la API mbedtls_ssl_session_reset(), la versi\u00f3n m\u00e1xima de TLS a negociar no se restaur\u00f3 a la configurada. Un atacante pudo evitar que un servidor Mbed TLS estableciera cualquier conexi\u00f3n TLS 1.3, lo que podr\u00eda provocar una denegaci\u00f3n de servicio o una degradaci\u00f3n forzada de la versi\u00f3n de TLS 1.3 a TLS 1.2." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28782.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28782.json new file mode 100644 index 00000000000..1078f48dd90 --- /dev/null +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28782.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-28782", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-03T12:15:12.747", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-256" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/285698", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145683", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28836.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28836.json index 1adbd8353d9..0040df4f2ee 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28836.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28836.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28836", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:10.350", - "lastModified": "2024-04-03T03:15:10.350", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server into an infinite loop processing a TLS 1.2 ClientHello, resulting in a denial of service. If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client can successfully establish a TLS 1.2 connection with the server." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Mbed TLS 3.5.x anterior a 3.6.0. Al negociar la versi\u00f3n TLS en el lado del servidor, puede recurrir a la implementaci\u00f3n TLS 1.2 del protocolo si est\u00e1 deshabilitada. Si la implementaci\u00f3n de TLS 1.2 se deshabilit\u00f3 en el momento de la compilaci\u00f3n, un cliente TLS 1.2 podr\u00eda colocar un servidor exclusivo de TLS 1.3 en un bucle infinito procesando un ClientHello de TLS 1.2, lo que resultar\u00eda en una denegaci\u00f3n de servicio. Si la implementaci\u00f3n de TLS 1.2 se deshabilit\u00f3 en tiempo de ejecuci\u00f3n, un cliente TLS 1.2 puede establecer exitosamente una conexi\u00f3n TLS 1.2 con el servidor." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-28xx/CVE-2024-2879.json b/CVE-2024/CVE-2024-28xx/CVE-2024-2879.json index 9ebe4b0a666..b1fe8b6f9e7 100644 --- a/CVE-2024/CVE-2024-28xx/CVE-2024-2879.json +++ b/CVE-2024/CVE-2024-28xx/CVE-2024-2879.json @@ -2,12 +2,16 @@ "id": "CVE-2024-2879", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-03T04:15:11.960", - "lastModified": "2024-04-03T04:15:11.960", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento LayerSlider para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de la acci\u00f3n ls_get_popup_markup en las versiones 7.9.11 y 7.10.0 debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-294xx/CVE-2024-29432.json b/CVE-2024/CVE-2024-294xx/CVE-2024-29432.json index 226d884aab0..8217e6dddcd 100644 --- a/CVE-2024/CVE-2024-294xx/CVE-2024-29432.json +++ b/CVE-2024/CVE-2024-294xx/CVE-2024-29432.json @@ -2,12 +2,16 @@ "id": "CVE-2024-29432", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T21:15:46.117", - "lastModified": "2024-04-02T21:15:46.117", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Alldata v0.4.6 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro nombre de tabla en /data/masterdata/datas." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-294xx/CVE-2024-29434.json b/CVE-2024/CVE-2024-294xx/CVE-2024-29434.json index 1d9ba77dbed..abfe789367d 100644 --- a/CVE-2024/CVE-2024-294xx/CVE-2024-29434.json +++ b/CVE-2024/CVE-2024-294xx/CVE-2024-29434.json @@ -2,12 +2,16 @@ "id": "CVE-2024-29434", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-02T22:15:09.450", - "lastModified": "2024-04-02T22:15:09.450", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file." + }, + { + "lang": "es", + "value": "Un problema en la interfaz de carga de im\u00e1genes del sistema de Alldata v0.4.6 permite a los atacantes ejecutar un directory traversal al cargar un archivo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-294xx/CVE-2024-29477.json b/CVE-2024/CVE-2024-294xx/CVE-2024-29477.json new file mode 100644 index 00000000000..aa67165b4c2 --- /dev/null +++ b/CVE-2024/CVE-2024-294xx/CVE-2024-29477.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-29477", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T12:15:13.353", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://dolibarr.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29734.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29734.json index 21b2baa62f3..65d7704afc4 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29734.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29734.json @@ -2,12 +2,16 @@ "id": "CVE-2024-29734", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-04-03T08:15:49.173", - "lastModified": "2024-04-03T08:15:49.173", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application." + }, + { + "lang": "es", + "value": "Existe un problema de elemento de ruta de b\u00fasqueda no controlado en SonicDICOM Media Viewer 2.3.2 y versiones anteriores, lo que puede provocar que las bibliotecas de v\u00ednculos din\u00e1micos se carguen de forma insegura. Como resultado, se puede ejecutar c\u00f3digo arbitrario con los privilegios de la aplicaci\u00f3n en ejecuci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30166.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30166.json index fba6da6f9d3..3967d89831e 100644 --- a/CVE-2024/CVE-2024-301xx/CVE-2024-30166.json +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30166.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30166", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T03:15:10.510", - "lastModified": "2024-04-03T03:15:10.510", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello." + }, + { + "lang": "es", + "value": "En Mbed TLS 3.3.0 hasta 3.5.2 anterior a 3.6.0, un cliente malintencionado puede provocar la divulgaci\u00f3n de informaci\u00f3n o una denegaci\u00f3n de servicio debido a una sobrelectura del b\u00fafer de pila (de menos de 256 bytes) en un servidor TLS 1.3 a trav\u00e9s de un TLS. 3.1 ClientHello." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30344.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30344.json index bb0b28f9698..e583ef326d8 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30344.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30344.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30344", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:46.173", - "lastModified": "2024-04-02T21:15:46.173", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. El defecto espec\u00edfico existe en el manejo de Acroforms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22733." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30345.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30345.json index a95fbef241f..a7c320caa59 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30345.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30345.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30345", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:46.353", - "lastModified": "2024-04-02T21:15:46.353", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22742." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30346.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30346.json index 8548c88552f..683fb80bb89 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30346.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30346.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30346", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:46.530", - "lastModified": "2024-04-02T21:15:46.530", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22745." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30347.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30347.json index 92039b4e6f4..61b3212b33b 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30347.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30347.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30347", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:46.723", - "lastModified": "2024-04-02T21:15:46.723", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22910." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-22910." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30348.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30348.json index 73ea20d2f74..f89a82bd263 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30348.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30348.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30348", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:46.900", - "lastModified": "2024-04-02T21:15:46.900", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de escritura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22911." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30349.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30349.json index 697a1da6c7d..1e95f7ce0d1 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30349.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30349.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30349", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.090", - "lastModified": "2024-04-02T21:15:47.090", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22912." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de escritura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22912." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30350.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30350.json index 5cb17b8e785..ba9a68185bf 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30350.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30350.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30350", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.263", - "lastModified": "2024-04-02T21:15:47.263", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites de anotaci\u00f3n de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos de anotaci\u00f3n. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-22708." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30351.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30351.json index 389d617ccc0..2e63ea94466 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30351.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30351.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30351", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.447", - "lastModified": "2024-04-02T21:15:47.447", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22799." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30352.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30352.json index 43ab5335e8b..3a0574db582 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30352.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30352.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30352", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.630", - "lastModified": "2024-04-02T21:15:47.630", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22800." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22800." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30353.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30353.json index 3be692f21ef..fd82f3d1fdc 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30353.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30353.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30353", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.813", - "lastModified": "2024-04-02T21:15:47.813", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de lectura fuera de los l\u00edmites de Foxit PDF Reader AcroForm. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22807." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30354.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30354.json index 3e8b7314745..201b8175fae 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30354.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30354.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30354", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:47.993", - "lastModified": "2024-04-02T21:15:47.993", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22808." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30355.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30355.json index 93d58f3f32a..a437fd7b0bc 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30355.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30355.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30355", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:48.167", - "lastModified": "2024-04-02T21:15:48.167", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22809." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de escritura fuera de los l\u00edmites de Foxit PDF Reader AcroForm. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22809." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30356.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30356.json index d7507ad6f55..f77139482bd 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30356.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30356.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30356", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:48.347", - "lastModified": "2024-04-02T21:15:48.347", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22811." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites de Foxit PDF Reader AcroForm. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc en AcroForms. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-22811." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30357.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30357.json index fb81dc3a3d5..6e5fc1458f1 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30357.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30357.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30357", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:48.530", - "lastModified": "2024-04-02T21:15:48.530", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de confusi\u00f3n de tipos de anotaci\u00f3n AcroForm de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos de anotaci\u00f3n en AcroForms. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede dar lugar a una condici\u00f3n de confusi\u00f3n de tipos. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22818." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30358.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30358.json index 57762e29d2c..4a28a29042a 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30358.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30358.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30358", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:48.717", - "lastModified": "2024-04-02T21:15:48.717", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22821." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo Foxit PDF Reader AcroForm User-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22821." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30359.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30359.json index a2b570edf09..6b991bfbe60 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30359.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30359.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30359", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:48.900", - "lastModified": "2024-04-02T21:15:48.900", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of 3D objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22888." + }, + { + "lang": "es", + "value": "Foxit PDF Reader AcroForm 3D Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de lectura fuera de los l\u00edmites. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos 3D en AcroForms. El problema se debe a la falta de validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22888." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30360.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30360.json index a955e66090f..418119d6864 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30360.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30360.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30360", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:49.077", - "lastModified": "2024-04-02T21:15:49.077", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22797." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22797." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30361.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30361.json index ed0baa536b5..298d5e9b22d 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30361.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30361.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30361", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:49.280", - "lastModified": "2024-04-02T21:15:49.280", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22877." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22877." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30362.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30362.json index 4de6da20b5f..ce31c8afd41 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30362.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30362.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30362", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:49.477", - "lastModified": "2024-04-02T21:15:49.477", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22798." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo despu\u00e9s de la liberaci\u00f3n del an\u00e1lisis de archivos PDF de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22798." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30363.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30363.json index 37657b1dea3..3870446b6e3 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30363.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30363.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30363", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:49.667", - "lastModified": "2024-04-02T21:15:49.667", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-23008." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30364.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30364.json index 7108d86c2b4..3ba50166880 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30364.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30364.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30364", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:49.853", - "lastModified": "2024-04-02T21:15:49.853", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-23009." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30365.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30365.json index d9ff61ff8e3..f01176868b2 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30365.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30365.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30365", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:50.033", - "lastModified": "2024-04-02T21:15:50.033", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22947." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22947." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30367.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30367.json index f31e074071a..d21caf241b0 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30367.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30367.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30367", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:50.217", - "lastModified": "2024-04-02T21:15:50.217", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-23013." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30370.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30370.json index 8a5a928c5d9..e23d4041b9d 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30370.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30370.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30370", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:50.403", - "lastModified": "2024-04-02T21:15:50.403", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page.\n\nThe specific flaw exists within the archive extraction functionality. A crafted archive entry can cause the creation of an arbitrary file without the Mark-Of-The-Web. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Was ZDI-CAN-23156." + }, + { + "lang": "es", + "value": "Vulnerabilidad de omisi\u00f3n de marca de la web en RARLAB WinRAR. Esta vulnerabilidad permite a atacantes remotos eludir el mecanismo de protecci\u00f3n Mark-Of-The-Web en las instalaciones afectadas de RARLAB WinRAR. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe realizar una acci\u00f3n espec\u00edfica en una p\u00e1gina maliciosa. La falla espec\u00edfica existe dentro de la funcionalidad de extracci\u00f3n de archivos. Una entrada de archivo manipulada puede provocar la creaci\u00f3n de un archivo arbitrario sin la marca de la web. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del usuario actual. Era ZDI-CAN-23156." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30371.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30371.json index 012b211d3fe..d6ea3b28171 100644 --- a/CVE-2024/CVE-2024-303xx/CVE-2024-30371.json +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30371.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30371", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-02T21:15:50.600", - "lastModified": "2024-04-02T21:15:50.600", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23355." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Foxit PDF Reader AcroForm Use-After-Free. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-23355." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-305xx/CVE-2024-30568.json b/CVE-2024/CVE-2024-305xx/CVE-2024-30568.json new file mode 100644 index 00000000000..2b8b45e4a1d --- /dev/null +++ b/CVE-2024/CVE-2024-305xx/CVE-2024-30568.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-30568", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T13:16:02.443", + "lastModified": "2024-04-03T13:16:02.443", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Netgear-R6850%20V1.1.0.88%20Command%20Injection%28ping_test%29.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.netgear.com/about/security/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-305xx/CVE-2024-30569.json b/CVE-2024/CVE-2024-305xx/CVE-2024-30569.json new file mode 100644 index 00000000000..15127361b48 --- /dev/null +++ b/CVE-2024/CVE-2024-305xx/CVE-2024-30569.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-30569", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T13:16:02.503", + "lastModified": "2024-04-03T13:16:02.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88currentsetting.htm%EF%BC%89.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.netgear.com/about/security/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-305xx/CVE-2024-30570.json b/CVE-2024/CVE-2024-305xx/CVE-2024-30570.json new file mode 100644 index 00000000000..aa872d5de7a --- /dev/null +++ b/CVE-2024/CVE-2024-305xx/CVE-2024-30570.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-30570", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T13:16:02.563", + "lastModified": "2024-04-03T13:16:02.563", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88debuginfo.htm%EF%BC%89.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.netgear.com/about/security/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-305xx/CVE-2024-30571.json b/CVE-2024/CVE-2024-305xx/CVE-2024-30571.json new file mode 100644 index 00000000000..6fe556d6bb4 --- /dev/null +++ b/CVE-2024/CVE-2024-305xx/CVE-2024-30571.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-30571", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T13:16:02.620", + "lastModified": "2024-04-03T13:16:02.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88BRS_top.html%EF%BC%89.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.netgear.com/about/security/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-305xx/CVE-2024-30572.json b/CVE-2024/CVE-2024-305xx/CVE-2024-30572.json new file mode 100644 index 00000000000..251366690e9 --- /dev/null +++ b/CVE-2024/CVE-2024-305xx/CVE-2024-30572.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-30572", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T13:16:02.680", + "lastModified": "2024-04-03T13:16:02.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Netgear-R6850%20V1.1.0.88%20Command%20Injection%28ntp_server%29.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.netgear.com/about/security/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30998.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30998.json index 9a3a11282c6..a3b9ad9a25e 100644 --- a/CVE-2024/CVE-2024-309xx/CVE-2024-30998.json +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30998.json @@ -2,12 +2,16 @@ "id": "CVE-2024-30998", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T06:15:07.650", - "lastModified": "2024-04-03T06:15:07.650", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en PHPGurukul Men Salon Management System v.2.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro de correo electr\u00f3nico en el componente index.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31008.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31008.json index c05480fd72d..72b8103522c 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31008.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31008.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31008", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T06:15:07.750", - "lastModified": "2024-04-03T06:15:07.750", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en la versi\u00f3n 4.1.0 de WUZHICMS que permite a un atacante ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del archivo index.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31009.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31009.json index 5db923c41ac..157b9b18ad5 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31009.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31009.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31009", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T04:15:12.403", - "lastModified": "2024-04-03T04:15:12.403", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en SEMCMS v.4.8, permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro lgid en Banner.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31010.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31010.json index f268b4ee73c..98813008862 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31010.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31010.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31010", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T04:15:12.653", - "lastModified": "2024-04-03T04:15:12.653", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en SEMCMS v.4.8, permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro ID en Banner.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31011.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31011.json index 4791e62cdf9..43fda6f304d 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31011.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31011.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31011", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T05:15:48.010", - "lastModified": "2024-04-03T05:15:48.010", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Arbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admin_template.php." + }, + { + "lang": "es", + "value": "Vulnerabilidad de escritura arbitraria en archivos en beescms v.4.0, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una ruta de archivo que no estaba aislada y el sufijo no estaba verificado en admin_template.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31012.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31012.json index 884954c2496..b6bc5cf4d1c 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31012.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31012.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31012", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T04:15:12.797", - "lastModified": "2024-04-03T04:15:12.797", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in SEMCMS v.4.8, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the upload.php file." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en SEMCMS v.4.8 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario, escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s del archivo upload.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-310xx/CVE-2024-31013.json b/CVE-2024/CVE-2024-310xx/CVE-2024-31013.json index 16290595e86..a3554f28bb7 100644 --- a/CVE-2024/CVE-2024-310xx/CVE-2024-31013.json +++ b/CVE-2024/CVE-2024-310xx/CVE-2024-31013.json @@ -2,12 +2,16 @@ "id": "CVE-2024-31013", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T04:15:12.907", - "lastModified": "2024-04-03T04:15:12.907", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in footer_info parameter." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross Site Scripting (XSS) en emlog versi\u00f3n Pro 2.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en la parte inferior de la p\u00e1gina de inicio en el par\u00e1metro footer_info." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31380.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31380.json new file mode 100644 index 00000000000..6c268eca602 --- /dev/null +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31380.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-31380", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:13.530", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Oxygen Builder allows Code Injection.This issue affects Oxygen Builder: from n/a through 4.8.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-plugin-4-8-1-auth-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://snicco.io/vulnerability-disclosure/oxygen/client-control-remote-code-execution-oxygen-4-8-1?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31390.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31390.json new file mode 100644 index 00000000000..2055cc55d45 --- /dev/null +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31390.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-31390", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-03T12:15:14.020", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Breakdance allows Code Injection.This issue affects Breakdance: from n/a through 1.7.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/breakdance/wordpress-breakdance-plugin-1-7-0-authenticated-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://snicco.io/vulnerability-disclosure/breakdance/client-mode-remote-code-execution-breakdance-1-7-0?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-31xx/CVE-2024-3162.json b/CVE-2024/CVE-2024-31xx/CVE-2024-3162.json index d1d5e2ef91d..a0a4ef91bb7 100644 --- a/CVE-2024/CVE-2024-31xx/CVE-2024-3162.json +++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3162.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3162", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-03T03:15:10.907", - "lastModified": "2024-04-03T03:15:10.907", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget Attributes in all versions up to, and including, 2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Jeg Elementor Kit para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los atributos del widget de testimonios en todas las versiones hasta la 2.6.3 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de colaborador o superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3202.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3202.json index d1f02adf0c1..d908384a1d0 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3202.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3202.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3202", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T22:15:09.643", - "lastModified": "2024-04-02T22:15:09.643", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown processing of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-259049 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en codelyfe Stupid Simple CMS 1.2.4 y clasificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido de la p\u00e1gina de inicio de sesi\u00f3n del componente. La manipulaci\u00f3n conduce a una restricci\u00f3n inadecuada de intentos de autenticaci\u00f3n excesivos. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotaci\u00f3n es dif\u00edcil. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-259049. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3203.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3203.json index b1355089e79..33b29d76642 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3203.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3203.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3203", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T22:15:10.320", - "lastModified": "2024-04-02T22:15:10.320", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259050 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en c-blosc2 hasta 2.13.2 y clasificada como cr\u00edtica. La funci\u00f3n ndlz8_decompress del archivo /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c es afectada por la vulnerabilidad. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-259050 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3204.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3204.json index 8c098d6f9be..5564a13848f 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3204.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3204.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3204", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T22:15:11.040", - "lastModified": "2024-04-02T22:15:11.040", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259051. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en c-blosc2 hasta 2.13.2 y clasificada como cr\u00edtica. La funci\u00f3n ndlz4_decompress del archivo /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259051. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3205.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3205.json index caf512101bf..17044100152 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3205.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3205.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3205", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T23:15:54.627", - "lastModified": "2024-04-02T23:15:54.627", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function yaml_emitter_emit_flow_sequence_item of the file /src/libyaml/src/emitter.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en yaml libyaml hasta 0.2.5 y clasificada como cr\u00edtica. La funci\u00f3n yaml_emitter_emit_flow_sequence_item del archivo /src/libyaml/src/emitter.c es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-259052. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3207.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3207.json index c08c576ba10..c50ecda08cb 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3207.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3207.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3207", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T23:15:54.853", - "lastModified": "2024-04-02T23:15:54.853", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-259054 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en ermig1979 Simd hasta 6.0.134. Ha sido declarada cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n ReadUnsigned del archivo src/Simd/SimdMemoryStream.h. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-259054 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3209.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3209.json index 48b47588898..62f9c0fff1f 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3209.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3209.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3209", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-02T23:15:55.083", - "lastModified": "2024-04-02T23:15:55.083", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en UPX hasta 4.2.2. Ha sido calificada como cr\u00edtica. Este problema afecta a la funci\u00f3n get_ne64 del archivo bele.h. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259055. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3218.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3218.json index f94689600f1..19a6e4bc690 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3218.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3218.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3218", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T00:15:08.717", - "lastModified": "2024-04-03T00:15:08.717", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The manipulation of the argument jsondata[callee]/jsondata[imagename] leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259065 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en Shibang Communications IP Network Intercom Broadcasting System 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /php/busyscreenshotpush.php. La manipulaci\u00f3n del argumento jsondata[callee]/jsondata[imagename] conduce al path traversal: '../filedir'. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-259065." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3221.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3221.json index 7be4aa32c28..655dd22ed97 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3221.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3221.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3221", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T00:15:08.980", - "lastModified": "2024-04-03T00:15:08.980", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester PHP Task Management System 1.0. This vulnerability affects unknown code of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259066 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester PHP Task Management System 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo asistencia-info.php. La manipulaci\u00f3n del argumento user_id conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-259066 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3222.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3222.json index 2947214ed3a..10a76629d96 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3222.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3222.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3222", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T00:15:09.237", - "lastModified": "2024-04-03T00:15:09.237", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in SourceCodester PHP Task Management System 1.0. This issue affects some unknown processing of the file admin-password-change.php. The manipulation of the argument admin_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259067." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester PHP Task Management System 1.0 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo admin-password-change.php. La manipulaci\u00f3n del argumento admin_id conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259067." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3223.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3223.json index bb344603a7f..36c526369a8 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3223.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3223.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3223", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T01:16:05.023", - "lastModified": "2024-04-03T01:16:05.023", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in SourceCodester PHP Task Management System 1.0. Affected is an unknown function of the file admin-manage-user.php. The manipulation of the argument admin_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259068." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester PHP Task Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo admin-manage-user.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento admin_id conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-259068." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3224.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3224.json index 7d4272c8a8d..cc66e03603d 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3224.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3224.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3224", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T02:15:08.097", - "lastModified": "2024-04-03T02:15:08.097", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259069 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en SourceCodester PHP Task Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo task-details.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento task_id conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-259069." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3225.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3225.json index d1b8fa78c96..c77a7cc79dc 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3225.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3225.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3225", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T02:15:08.347", - "lastModified": "2024-04-03T02:15:08.347", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit-task.php. The manipulation of the argument task_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259070 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester PHP Task Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo edit-task.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento task_id conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-259070 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3226.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3226.json index f2e99182cf2..e5681d8ec04 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3226.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3226.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3226", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T02:15:08.647", - "lastModified": "2024-04-03T02:15:08.647", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Campcodes Online Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259071." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Campcodes Online Patient Record Management System 1.0. Ha sido clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /admin/login.php. La manipulaci\u00f3n del argumento contrase\u00f1a conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259071." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3227.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3227.json index b903c3f2c75..ad4ddbe03cc 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3227.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3227.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3227", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T03:15:11.457", - "lastModified": "2024-04-03T03:15:11.457", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Panwei eoffice OA hasta 9.5. Ha sido declarada cr\u00edtica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /general/system/interface/theme_set/save_image.php del componente Backend. La manipulaci\u00f3n del argumento tipo_imagen conduce al path traversal: '../filedir'. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-259072." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3247.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3247.json index 69b383e33e8..81938f8b911 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3247.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3247.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3247", "sourceIdentifier": "xpdf@xpdfreader.com", "published": "2024-04-02T23:15:55.300", - "lastModified": "2024-04-02T23:15:55.300", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.\n" + }, + { + "lang": "es", + "value": "En Xpdf 4.05 (y versiones anteriores), un bucle de un objeto PDF en una secuencia de objetos genera una recursividad infinita y un desbordamiento de la pila." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3248.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3248.json index 9cfc2fcbefe..079542c6db8 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3248.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3248.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3248", "sourceIdentifier": "xpdf@xpdfreader.com", "published": "2024-04-02T23:15:55.493", - "lastModified": "2024-04-02T23:15:55.493", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.\n" + }, + { + "lang": "es", + "value": "En Xpdf 4.05 (y versiones anteriores), un bucle de objeto PDF en los archivos adjuntos provoca una recursividad infinita y un desbordamiento de la pila." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3251.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3251.json index c8dd5d3fbcb..4cde7711e35 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3251.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3251.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3251", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T10:15:09.257", - "lastModified": "2024-04-03T10:15:09.257", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/?page=borrow/view_borrow. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259100." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Computer Laboratory Management System 1.0. Ha sido calificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/?page=borrow/view_borrow es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-259100." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3252.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3252.json index 0474b67b7d8..0e3be68a4d6 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3252.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3252.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3252", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T10:15:09.687", - "lastModified": "2024-04-03T10:15:09.687", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3253.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3253.json index 1510ad78a69..782ac4c7e2b 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3253.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3253.json @@ -2,12 +2,16 @@ "id": "CVE-2024-3253", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-03T11:15:46.097", - "lastModified": "2024-04-03T11:15:46.097", - "vulnStatus": "Received", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester Internship Portal Management System 1.0. This vulnerability affects unknown code of the file admin/add_admin.php. The manipulation of the argument name/username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259102 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Internship Portal Management System 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo admin/add_admin.php. La manipulaci\u00f3n del argumento nombre/nombre de usuario/contrase\u00f1a conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-259102 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3254.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3254.json new file mode 100644 index 00000000000..9a624625eeb --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3254.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3254", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T12:15:14.523", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Internship Portal Management System 1.0. This issue affects some unknown processing of the file admin/edit_admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259103." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-04", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259103", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259103", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309215", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3255.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3255.json new file mode 100644 index 00000000000..ce1fff28db0 --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3255.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3255", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T12:15:15.040", + "lastModified": "2024-04-03T12:38:04.840", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Internship Portal Management System 1.0. Affected is an unknown function of the file admin/edit_admin_query.php. The manipulation of the argument username/password/name/admin_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259104." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-05", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259104", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259104", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309216", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3256.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3256.json new file mode 100644 index 00000000000..c72ce1bbd5e --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3256.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3256", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T13:16:02.740", + "lastModified": "2024-04-03T13:16:02.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in SourceCodester Internship Portal Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259105 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-06", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259105", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259105", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309217", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3257.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3257.json new file mode 100644 index 00000000000..19fda2518c9 --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3257.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3257", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T13:16:03.020", + "lastModified": "2024-04-03T13:16:03.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Internship Portal Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/edit_activity_query.php. The manipulation of the argument title/description/start/end leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259106 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-07", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259106", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259106", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309218", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3258.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3258.json new file mode 100644 index 00000000000..2a970d44dfb --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3258.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3258", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T13:16:03.310", + "lastModified": "2024-04-03T13:16:03.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Internship Portal Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/add_activity.php. The manipulation of the argument title/description/start/end leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259107." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-08", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259107", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259107", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309219", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 45914979369..08fc2a2059b 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-03T12:00:38.015229+00:00 +2024-04-03T14:00:52.038847+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-03T11:15:46.097000+00:00 +2024-04-03T13:16:03.310000+00:00 ``` ### Last Data Feed Release @@ -33,25 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -243822 +243849 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `27` -- [CVE-2024-0172](CVE-2024/CVE-2024-01xx/CVE-2024-0172.json) (`2024-04-03T10:15:08.030`) -- [CVE-2024-3251](CVE-2024/CVE-2024-32xx/CVE-2024-3251.json) (`2024-04-03T10:15:09.257`) -- [CVE-2024-3252](CVE-2024/CVE-2024-32xx/CVE-2024-3252.json) (`2024-04-03T10:15:09.687`) -- [CVE-2024-3253](CVE-2024/CVE-2024-32xx/CVE-2024-3253.json) (`2024-04-03T11:15:46.097`) +- [CVE-2023-52296](CVE-2023/CVE-2023-522xx/CVE-2023-52296.json) (`2024-04-03T13:16:00.360`) +- [CVE-2024-22360](CVE-2024/CVE-2024-223xx/CVE-2024-22360.json) (`2024-04-03T13:16:01.183`) +- [CVE-2024-24707](CVE-2024/CVE-2024-247xx/CVE-2024-24707.json) (`2024-04-03T13:16:01.383`) +- [CVE-2024-25030](CVE-2024/CVE-2024-250xx/CVE-2024-25030.json) (`2024-04-03T13:16:01.590`) +- [CVE-2024-25046](CVE-2024/CVE-2024-250xx/CVE-2024-25046.json) (`2024-04-03T13:16:01.790`) +- [CVE-2024-25096](CVE-2024/CVE-2024-250xx/CVE-2024-25096.json) (`2024-04-03T13:16:02.017`) +- [CVE-2024-25918](CVE-2024/CVE-2024-259xx/CVE-2024-25918.json) (`2024-04-03T12:15:10.537`) +- [CVE-2024-27191](CVE-2024/CVE-2024-271xx/CVE-2024-27191.json) (`2024-04-03T12:15:11.123`) +- [CVE-2024-27254](CVE-2024/CVE-2024-272xx/CVE-2024-27254.json) (`2024-04-03T13:16:02.220`) +- [CVE-2024-27951](CVE-2024/CVE-2024-279xx/CVE-2024-27951.json) (`2024-04-03T12:15:11.690`) +- [CVE-2024-27972](CVE-2024/CVE-2024-279xx/CVE-2024-27972.json) (`2024-04-03T12:15:12.187`) +- [CVE-2024-28782](CVE-2024/CVE-2024-287xx/CVE-2024-28782.json) (`2024-04-03T12:15:12.747`) +- [CVE-2024-29477](CVE-2024/CVE-2024-294xx/CVE-2024-29477.json) (`2024-04-03T12:15:13.353`) +- [CVE-2024-30568](CVE-2024/CVE-2024-305xx/CVE-2024-30568.json) (`2024-04-03T13:16:02.443`) +- [CVE-2024-30569](CVE-2024/CVE-2024-305xx/CVE-2024-30569.json) (`2024-04-03T13:16:02.503`) +- [CVE-2024-30570](CVE-2024/CVE-2024-305xx/CVE-2024-30570.json) (`2024-04-03T13:16:02.563`) +- [CVE-2024-30571](CVE-2024/CVE-2024-305xx/CVE-2024-30571.json) (`2024-04-03T13:16:02.620`) +- [CVE-2024-30572](CVE-2024/CVE-2024-305xx/CVE-2024-30572.json) (`2024-04-03T13:16:02.680`) +- [CVE-2024-31380](CVE-2024/CVE-2024-313xx/CVE-2024-31380.json) (`2024-04-03T12:15:13.530`) +- [CVE-2024-31390](CVE-2024/CVE-2024-313xx/CVE-2024-31390.json) (`2024-04-03T12:15:14.020`) +- [CVE-2024-3254](CVE-2024/CVE-2024-32xx/CVE-2024-3254.json) (`2024-04-03T12:15:14.523`) +- [CVE-2024-3255](CVE-2024/CVE-2024-32xx/CVE-2024-3255.json) (`2024-04-03T12:15:15.040`) +- [CVE-2024-3256](CVE-2024/CVE-2024-32xx/CVE-2024-3256.json) (`2024-04-03T13:16:02.740`) +- [CVE-2024-3257](CVE-2024/CVE-2024-32xx/CVE-2024-3257.json) (`2024-04-03T13:16:03.020`) +- [CVE-2024-3258](CVE-2024/CVE-2024-32xx/CVE-2024-3258.json) (`2024-04-03T13:16:03.310`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `81` -- [CVE-2024-3141](CVE-2024/CVE-2024-31xx/CVE-2024-3141.json) (`2024-04-03T11:15:45.800`) -- [CVE-2024-3142](CVE-2024/CVE-2024-31xx/CVE-2024-3142.json) (`2024-04-03T11:15:45.993`) +- [CVE-2024-31009](CVE-2024/CVE-2024-310xx/CVE-2024-31009.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-31010](CVE-2024/CVE-2024-310xx/CVE-2024-31010.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-31011](CVE-2024/CVE-2024-310xx/CVE-2024-31011.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-31012](CVE-2024/CVE-2024-310xx/CVE-2024-31012.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-31013](CVE-2024/CVE-2024-310xx/CVE-2024-31013.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3162](CVE-2024/CVE-2024-31xx/CVE-2024-3162.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3202](CVE-2024/CVE-2024-32xx/CVE-2024-3202.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3203](CVE-2024/CVE-2024-32xx/CVE-2024-3203.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3204](CVE-2024/CVE-2024-32xx/CVE-2024-3204.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3205](CVE-2024/CVE-2024-32xx/CVE-2024-3205.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3207](CVE-2024/CVE-2024-32xx/CVE-2024-3207.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3209](CVE-2024/CVE-2024-32xx/CVE-2024-3209.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3218](CVE-2024/CVE-2024-32xx/CVE-2024-3218.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3221](CVE-2024/CVE-2024-32xx/CVE-2024-3221.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3222](CVE-2024/CVE-2024-32xx/CVE-2024-3222.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3223](CVE-2024/CVE-2024-32xx/CVE-2024-3223.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3224](CVE-2024/CVE-2024-32xx/CVE-2024-3224.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3225](CVE-2024/CVE-2024-32xx/CVE-2024-3225.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3226](CVE-2024/CVE-2024-32xx/CVE-2024-3226.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3227](CVE-2024/CVE-2024-32xx/CVE-2024-3227.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3247](CVE-2024/CVE-2024-32xx/CVE-2024-3247.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3248](CVE-2024/CVE-2024-32xx/CVE-2024-3248.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3251](CVE-2024/CVE-2024-32xx/CVE-2024-3251.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3252](CVE-2024/CVE-2024-32xx/CVE-2024-3252.json) (`2024-04-03T12:38:04.840`) +- [CVE-2024-3253](CVE-2024/CVE-2024-32xx/CVE-2024-3253.json) (`2024-04-03T12:38:04.840`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e62caa3d82a..464d330a3e1 100644 --- a/_state.csv +++ b/_state.csv @@ -150064,7 +150064,7 @@ CVE-2020-15364,0,0,267701fb21783d509479e8a923b2e19e7ccf8a0551ddbd8729593bda4a16f CVE-2020-15365,0,0,938f5eb3ba3ca728fcaf915904a3526f04ae48f1657ae10dc1f0915c60fa9b70,2020-07-06T18:47:42.987000 CVE-2020-15366,0,0,418b96dc8a719a3b873361e5e3a3e33cefb9922d7cca9aaaf01b96b33e94e458,2022-12-02T19:56:58.037000 CVE-2020-15367,0,0,2dcea22f4f2cd65b40c73e72b1391a728b5cd99c9714e2d866ee4f29017c6c4f,2020-07-15T16:46:47.890000 -CVE-2020-15368,0,0,430ffa34aa226e619402231b28b57fca1acdef5ac5037aa65babc12d1c7298fa,2020-07-09T14:01:55.107000 +CVE-2020-15368,0,1,8c944efb2f74e537b6da2f9ed82910cb74cae29d632db670415cce15e78907a3,2024-04-03T12:15:09.637000 CVE-2020-15369,0,0,a7b33e6c58aca4faf2126d0b4cc603b66c5e405a89f3710a8c4caf16e3c56565,2021-08-23T14:47:25.257000 CVE-2020-1537,0,0,bcc163c6a75b75130b836c2e537da6f3b376bf23f1b25fe91b7e5a6faadfd158,2024-01-19T00:15:16.233000 CVE-2020-15370,0,0,d12c8497508acc67b392206bac059a5feae754694eb71a07459ac8c76aff6b6a,2021-06-22T15:19:18.237000 @@ -172352,7 +172352,7 @@ CVE-2021-27306,0,0,be23932f4da70775d6d8d7543aa4c2327e04885b3e647e604f619b6a29948 CVE-2021-27308,0,0,dc72c1bf5f875e27c1ebed03c0898be25187d51302761aa0704fffc49c45a41a,2022-05-23T22:32:02.527000 CVE-2021-27309,0,0,1c1b839104fc5e1bc9466b831ead03517308140f821e7477a5d7b1b741876aba,2021-03-24T18:49:25.550000 CVE-2021-27310,0,0,6db7c5f4fbfa5c67791d131baa497a8bdbe96d01c27f757bb2ec5f081e29d3e8,2021-03-24T18:49:16.487000 -CVE-2021-27312,0,0,35319f5df9c673805bdf3f6515f63f382c4bcbff7b49446278bd452d18a25707,2024-04-03T06:15:07.350000 +CVE-2021-27312,0,1,541fed24328ac2f26d8c6c6aa072eaebe3374bee165b04b5b4286566edc8f852,2024-04-03T12:38:04.840000 CVE-2021-27314,0,0,c1764066bd6450133793a8b50594e063f7167e81d7a4822827ad0c620de4f438,2021-03-05T20:45:06.427000 CVE-2021-27315,0,0,4ef7091620726b3ae87b577a366d6cba560af7bf8b4bb7e419e344f9d7c1e5e8,2021-03-24T15:53:20.323000 CVE-2021-27316,0,0,b38e3a43b366db798b96607c064bdaa6ec7a7d19af90494c9f5db26ba9c2e0ca,2021-03-24T15:54:58.873000 @@ -218072,6 +218072,7 @@ CVE-2023-25694,0,0,464fbfa1d242a161fe16a05493e4128187914fbebbfb66670b87d547dab2a CVE-2023-25695,0,0,bb4a715f34797be6d5b5310a52f10934c2ca2def44e00610c3d947967176af16,2023-11-07T04:09:08.003000 CVE-2023-25696,0,0,920703282199f13ec7ff226a4913933d3dda5fbf895421fd74b7e008067b9300,2023-11-07T04:09:08.073000 CVE-2023-25698,0,0,e56b7d935093bd493ce30761a0a46812c945e926647573c5d416569d592987ee,2023-05-25T16:27:29.670000 +CVE-2023-25699,1,1,6a92fe460514b718f9c9159af254d41849707ed5fb7821957e75ef7859ca95dd,2024-04-03T13:15:59.923000 CVE-2023-2570,0,0,8663252ec671c3b7a42e9d7664ba3c00e3ca93661a5d1c12b4a7aea331483c3b,2023-06-21T21:03:56.260000 CVE-2023-25700,0,0,df71a756eafc8f0c2c1757cb864d1ed6d6c386b8db0d927c9150d80b49761a82,2023-11-13T19:52:51.423000 CVE-2023-25702,0,0,478b32ffdd91425f5ae34d96cea2ce0295b6bdbe4293355e7dd899d7e42b63cb,2023-11-07T04:09:08.173000 @@ -224718,7 +224719,7 @@ CVE-2023-3442,0,0,1eb44644a323bbb8e968527d7f28d6bee1ceb4563a8ffff0dce4eb74ee9d39 CVE-2023-34420,0,0,b04cb5a678c58456b25bb057074ab261207412bb44636b48938bd48ec4752b05,2023-07-06T18:19:25.597000 CVE-2023-34421,0,0,1afb3be6c0911a9c6b293df81bd5ced0b64375bdf2029b65aa38d78f8f01a8d2,2023-07-06T18:17:47.483000 CVE-2023-34422,0,0,eb9855e536a2a0b5c3a73253dd1e43e10c4736706f2280ed64797a2b1994b06e,2023-07-06T18:17:32.040000 -CVE-2023-34423,0,0,bebca4b63863e4c73ba6e32782042fabaa64177490b24d08fe00f082f361fc8d,2024-04-03T08:15:48.990000 +CVE-2023-34423,0,1,09c0fefa9fe29194ef9f7a8129812e1c60a0ec9e4f41d14673279046e9df1084,2024-04-03T12:38:04.840000 CVE-2023-34425,0,0,47979c30722b419c087b6d33a971fc0b503362cd541563683d6da158a43a1de3,2023-08-03T16:59:34.220000 CVE-2023-34426,0,0,cc92da2771f9ceea77c31fc7ed7817fdc2f831263d853df180f53da16bed43d1,2023-10-12T22:47:54.743000 CVE-2023-34427,0,0,3b35f6139772d0088f029a44aaee6c3c2320b5fe67a17d0d19c59c03f39fa888,2023-11-07T04:15:36.237000 @@ -225376,7 +225377,7 @@ CVE-2023-35759,0,0,737d089372a13d311d938b6f73fbc87604835ac5d6e732c4dc0dc97aa37b2 CVE-2023-3576,0,0,afc3943dafc3dce0b127a1fe6f63cb13cec0d0d4331467a034b7ea0ef34bb624,2024-03-11T13:15:52.550000 CVE-2023-35762,0,0,d3d58c95cdc44cd1c3674a8efa00d524d00379a36ec6dd9b457951306765e9b9,2023-11-29T20:52:44.790000 CVE-2023-35763,0,0,d967a50d80e9fca1c8b396011c9adaeb43d2582130d44fa236f81f07f6cc7468,2023-11-07T04:15:57.230000 -CVE-2023-35764,0,0,a25bab4470a43ebc7d59b18ab7d0f65fc861e5b8439e53476e71ab4a1640bb51,2024-04-03T08:15:49.057000 +CVE-2023-35764,0,1,6622abc6bb124555cc544529811eea5efe919b804b7cf9eff97a1c87202d19e1,2024-04-03T12:38:04.840000 CVE-2023-35765,0,0,c9d756b3cf84f57072c1ddad827e0ca15c83ffcc92755c9945c039f52d670aa0,2023-07-13T22:38:39.083000 CVE-2023-35767,0,0,69cb7e1c27cc3ce4119e9432030af684b1b94cbaadafa0ad24f5ea89435542ae,2023-11-15T16:17:04.597000 CVE-2023-35769,0,0,a93a1833351023bcd3ef5a682b54d56afcf9b489312200ddd2957be40eb51418,2024-02-14T15:01:46.050000 @@ -227573,6 +227574,7 @@ CVE-2023-38722,0,0,671011fc37535d006e8bd4f6abb1cbe4df128c90fe5d2c6bd583ead77ce13 CVE-2023-38723,0,0,96134dfa5c8cc6a33ce702e38b1d00898c8a0da2b221bfaeb2380ab217692854,2024-03-13T12:33:51.697000 CVE-2023-38727,0,0,67e3acf0dbfaba760bdb5942f0f234a680ed76f81d4b3e56c5dc500c4ddf8ec4,2024-01-19T16:15:09.123000 CVE-2023-38728,0,0,4ae0aa245bfd2c5b381beb3353a88eb25960c87d2f2b539906ba0ee433f0dd76,2023-12-22T21:08:08.530000 +CVE-2023-38729,1,1,769ca7f206b2bc7917db8691ed03bde492fc120af77b05a0564fc9b315f3d4bf,2024-04-03T13:16:00.150000 CVE-2023-3873,0,0,16713e1487e45edefdc32bccb969e56ea62b42866183772c1f2674ba9329c9c9,2024-03-21T02:48:50.017000 CVE-2023-38730,0,0,23521025db1b5ddb82740780a2bfb531bdc7c9195786ef77914f5eb7dafc55fb,2023-08-29T04:41:34.817000 CVE-2023-38732,0,0,ce7babb7441c0f57518f4e9bdc9aab1724e3cc787e5da79116bc283b904f8db6,2023-08-26T02:25:55.780000 @@ -236066,6 +236068,7 @@ CVE-2023-52286,0,0,e3cc7081d095f3a23032a26323048d6596bbf2b2c2019700127ad6b34c3fb CVE-2023-52288,0,0,fdc8cfb88c9fca7195d89b1b10fd0faa7b6e4fc902824e291d86fba27daafd3b,2024-01-24T18:40:15.637000 CVE-2023-52289,0,0,1f6d262e6726a2c4a9b2e8c08858f47aee9c6687d08ddcc0a1d5481105c4b19c,2024-01-24T18:48:24.283000 CVE-2023-5229,0,0,c63670e2a38b6ea58305de35364e2f771fd3e463d4cd1d029ba69dd11d623a38,2023-11-08T18:35:10.590000 +CVE-2023-52296,1,1,39039284d20c6cbf724e37ac5906f4f948ea866fce0f5bafd5d1ca5e6593d57e,2024-04-03T13:16:00.360000 CVE-2023-5230,0,0,438699b5514b4ceefe4d8c1733138842dd2d26f6bfe2c290df4f68a8ce73aa28,2023-11-07T04:23:38.493000 CVE-2023-52302,0,0,7bd3c1af9cb53d17263165b1c3722e7acd53823308aae9fd993854c7c309f0d9,2024-01-05T12:14:39.403000 CVE-2023-52303,0,0,f7ccea07e1dbc34bd9321cb34f071eeb01566af26202e35f5609e4b282b6ea99,2024-01-05T12:14:41.567000 @@ -238064,7 +238067,7 @@ CVE-2024-0167,0,0,027478c01bb9e368b8b955ffcfe6cf0157d3f12fd6f001575264eb0737de22 CVE-2024-0168,0,0,2a4ccb9e93ab5cf9187b1ffd9ed8a3d1b35306fae82b7c0ecd296576f574564c,2024-02-16T13:40:44.663000 CVE-2024-0169,0,0,9a5cb9a4280854499904589e4e5a30de357c61c86f55eb6cefb60877151c0863,2024-02-15T06:24:58.003000 CVE-2024-0170,0,0,0cbf15fb7639d69463bb00902bb3bf03cb2541ac612ee0d14074f95d8e68ed31,2024-02-15T16:55:09.957000 -CVE-2024-0172,1,1,f441369ce9f7af9c37ab2d1b76b5b3c6f45127bc8eec4514291769de3fb25d8f,2024-04-03T10:15:08.030000 +CVE-2024-0172,0,1,b4d3bfa3f2afe51aea0c09278df25aa681a12ef6ca5f718df6980da085f76f3e,2024-04-03T12:38:04.840000 CVE-2024-0173,0,0,d1fb5e78ae857b85a3374741bdf6622aaccfba3406abb0a47a45dcb43bed998d,2024-03-13T18:15:58.530000 CVE-2024-0181,0,0,c1050c5202016d4fffbc70cf9d1bff4cba3b8f718272e69c2eff1ca91bb3d29a,2024-03-21T02:51:01.390000 CVE-2024-0182,0,0,3062efc93a04a74214b882701c7395972fd557e9c00c604a5426baec833f463b,2024-03-21T02:51:01.473000 @@ -238772,7 +238775,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5 CVE-2024-1020,0,0,9b7eeacadd4d76ec76728605c0db8aae240ef1fc144c6257f9c7e65cb09dd2fa,2024-03-21T02:51:32.967000 CVE-2024-1021,0,0,d3fe4312df2bfe064f4941a21f6f4666a77fafb9f2d9afcc4b51020ac4568dfa,2024-03-21T02:51:33.050000 CVE-2024-1022,0,0,92eabd9a227ab16e8407856a694e7e9e01a324b423fd407ba70bb701f1be5779,2024-03-21T02:51:33.147000 -CVE-2024-1023,0,0,dec230f26d22ede51cbf076d51307e2774373ae7afe267fedd1be71b462c41b3,2024-03-27T12:29:30.307000 +CVE-2024-1023,0,1,ff1747c91da6c239861d257099c48d2e04cae213566f0523203ad25b587b69be,2024-04-03T13:16:00.733000 CVE-2024-1024,0,0,ea71a00c45aa5902a3b0fb02fb7404209bfff88d5df9e8810a0e7b2f9f86b516,2024-03-21T02:51:33.253000 CVE-2024-1026,0,0,48873cd93146d9f73c9e135123d6db65c6e220d0cb92b24addaf7f355e44fc3c,2024-03-21T02:51:33.340000 CVE-2024-1027,0,0,8609c6f04ef7471989f7ab4db06446961f2059452d94ca5a358bdb526d5f18fb,2024-03-21T02:51:33.427000 @@ -238990,7 +238993,7 @@ CVE-2024-1294,0,0,9641429abe5a940a43824ce0a1ebfc70cc6e8bb9d03222022ce919558da2ba CVE-2024-1296,0,0,d628c54417435b81c9a35f9055b41796b04338bd627b433b683ddaaee5c39d70,2024-03-13T18:16:18.563000 CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000 CVE-2024-1299,0,0,952d3e1978bc9a123968ee45cc4c039cf2f6a96c36b8ac699d5424c827f802f2,2024-03-07T13:52:27.110000 -CVE-2024-1300,0,0,3adc68993df4e9f45564133689c9e7c46a6bcc302a47482430042390d36223a8,2024-04-02T12:50:42.233000 +CVE-2024-1300,0,1,01bd5a0249099e2db9af48813bad94b706c98e435f9b0ade7c2c9613567d965e,2024-04-03T13:16:00.813000 CVE-2024-1301,0,0,ad76e593d116a58eeaf318bfd22383ec748ba7dfe41e7fb39acf2b71f8bc8595,2024-03-12T17:46:17.273000 CVE-2024-1302,0,0,0d92f40493f04fb89736b5d4813cc04155db2e6292914bd81a508f53301b17b8,2024-03-12T17:46:17.273000 CVE-2024-1303,0,0,2c083eedd4995023cbd1b7a6bdebb4abb78e7f89b28ee91bf701625b1108f30f,2024-03-12T17:46:17.273000 @@ -239009,7 +239012,7 @@ CVE-2024-1322,0,0,55eb557d746bd5b316565e48cf52968ab1ba8b0aa245d5ad47a485b7878e67 CVE-2024-1323,0,0,f857e29b0540aed96943a25b1179a5166e6aff501672f2c505f52ee84f4e77cb,2024-02-27T14:20:06.637000 CVE-2024-1325,0,0,7199af35ff2e8cfd23b32138b0b9e599397113796fb04772c3fb72835d4082cd,2024-03-20T13:00:16.367000 CVE-2024-1326,0,0,d4b57d64979c63005c678f4041f67f9ac306dded5913d0b931e59c58b61f1a75,2024-03-21T12:58:51.093000 -CVE-2024-1327,0,0,8d55cc0cb15135111d2f776c1b119f46e109711fa40e12063ce4ebd61400ca84,2024-04-03T03:15:08.703000 +CVE-2024-1327,0,1,1b6e3f0296467e9f6b424925712e479dea0088dc2698e1adadd7f96bd6f1e88d,2024-04-03T12:38:04.840000 CVE-2024-1328,0,0,170c1f134b7c1cc323cdf2a8e98021369f31203dcfb3a0aeb70d869d5dfa5df5,2024-03-12T12:40:13.500000 CVE-2024-1329,0,0,c251ab89131ed5db620ce7b9371daf5508a26377e3f0f0d0996003e3074e8cd1,2024-02-15T18:27:28.837000 CVE-2024-1331,0,0,65212442fb47c64d7fb614c7096a47cca7d14e4eea944c5151f6d9634fa6ce6d,2024-03-18T19:40:00.173000 @@ -239062,7 +239065,7 @@ CVE-2024-1390,0,0,760bcdaac2db269a3249aaa20e58e1659b2977bdb995748ef5e46a1ecb8544 CVE-2024-1391,0,0,d263861df201411e95604a0f8dea4a32aa5aa465f14e9d3ee26c7cf1dddcea30,2024-03-13T18:15:58.530000 CVE-2024-1392,0,0,854e6aa0a85eb7f6e01984f9f2b39f09c3e464c67a90f670cafc735773e56736,2024-03-13T18:15:58.530000 CVE-2024-1393,0,0,139d32a27df25f29abc2bcda3159db69b338e05c68d7680abed80afd815e8ff5,2024-03-13T18:15:58.530000 -CVE-2024-1394,0,0,9fd25f139497faf3d09cd4c7c7f23192c9f9f894fc8db339ef20762626f362d0,2024-04-03T00:15:08.400000 +CVE-2024-1394,0,1,03da9cca513afc12857187e76f6187ccae11463dc1c1c050f3982b6d60a0d7f8,2024-04-03T13:16:00.903000 CVE-2024-1397,0,0,e6d8c9c2beca75d3fdc5f918cb423cf21913a9c807f46126d5b49c29c7bd60f0,2024-03-13T12:33:51.697000 CVE-2024-1398,0,0,7a7783e481aa897afa83bd125da0d53c431d5a5a9d43f1ade8b1e715449f59a0,2024-03-04T13:58:23.447000 CVE-2024-1400,0,0,295a10f36c3e13d694d09cafc6872c0c48f9e2b4c87da0889327ecdac7abe4ac,2024-03-12T12:40:13.500000 @@ -239418,7 +239421,7 @@ CVE-2024-1973,0,0,7e572d102b77b447a07e2619921bbb7e602276924c210475f15b92aa04c8d9 CVE-2024-1976,0,0,77ae2df323cf6637a14fb06bcb46d711f13422518ce52e9430227e1e91ad53e3,2024-02-29T13:49:29.390000 CVE-2024-1977,0,0,a7692b2da3b0113a60567ddf6634026c09e0a2eeec7666bb0cdf204455073a9e,2024-02-29T13:49:29.390000 CVE-2024-1978,0,0,3ef3e0470f639541e7aa5332764a4fdc0e9cab2190d02bdfffcc246fd4ade338,2024-02-29T13:49:29.390000 -CVE-2024-1979,0,0,32edf64c224b12a39425e5b66e1ea360c68d898ece9e593279cba6ece0e6cd69,2024-03-13T12:33:51.697000 +CVE-2024-1979,0,1,cc9dc9ac6cc8a95dd98863a7334b2cf30748679b66f27f42154ef38cb6efa33e,2024-04-03T13:16:01.070000 CVE-2024-1981,0,0,56a3a9db8d42e012d762fd6941fad1981a0b2b42e5454cd6b5d1b42406dba2ca,2024-02-29T13:49:29.390000 CVE-2024-1982,0,0,ffbc05dfb227c410b4f1143a120edd4d2849f76b514d8ea46cab15f8dbe11320,2024-02-29T13:49:29.390000 CVE-2024-1983,0,0,fcf7ebbcd94e966d76959304d24a0cdc8c90b0662f61346df497813a9f686878,2024-03-20T13:00:16.367000 @@ -240412,6 +240415,7 @@ CVE-2024-22353,0,0,dcde4e1942667b685d2979f87ac00f95d42a8fc5d16f7dbd8bc9f66a2b78d CVE-2024-22355,0,0,90575169d286b28c7ce02c7d947a264d77a6f25776530138b50b2f2dbc394220,2024-03-04T13:58:23.447000 CVE-2024-22356,0,0,bcc46874c9752933a72230517b74ad7a7a0d54dc67e233e91127533dfceeba1c,2024-03-26T17:09:53.043000 CVE-2024-2236,0,0,17401211af38608097c003c3b08d6e3d90e3570b70699d89a2e396d5b72c602a,2024-03-07T13:52:27.110000 +CVE-2024-22360,1,1,b1577e7bfead8752c54e85cf141f051b4ea451dd86444e439701d0840d08465e,2024-04-03T13:16:01.183000 CVE-2024-22361,0,0,2cb34447b61b8680c66e6f142987700b31f9f16d4e9b8d748c59e5b8ad5a9a29,2024-02-16T21:35:31.953000 CVE-2024-22362,0,0,826381d745a7bfa89e56ba8a6fed4317ed24204ea30e248bcffb2a9894398594,2024-03-21T02:52:03.063000 CVE-2024-22365,0,0,b09f0e3dd0fc2bf60706805e33c1f78b209416e9ed2aa43cb1cfb00b1fe90d17,2024-02-14T00:27:40.143000 @@ -240728,7 +240732,7 @@ CVE-2024-23216,0,0,d31cf79f0e0002ccd6cefbbd80cf2528661bbd5cad33e2a0e68797e05d7e6 CVE-2024-23217,0,0,cc84cc9fbaed6c93db4e04f742b697db9d331caaf1223ec4b2166e0d765a110d,2024-03-13T22:15:09.273000 CVE-2024-23218,0,0,f9c63856068e91ff9b0c8acaa8fa5ee60b89ba853d892da3a1b57a30a48d466d,2024-03-13T23:15:46.027000 CVE-2024-23219,0,0,6138a00dd33e643c6da7ab985c8bb39139630ef127b2b12e557a72994a3a6de9,2024-01-30T14:36:42.017000 -CVE-2024-2322,0,0,c3409f87d176dd7bd690812e8ed6ee1b898f29f37b7039b127008a0b54bb3ade,2024-04-03T05:15:47.920000 +CVE-2024-2322,0,1,60b35ad3bf9bd02d33facbaf1ddda5c64733f8e2d54364bad1f80ec56ba91bbf,2024-04-03T12:38:04.840000 CVE-2024-23220,0,0,8ac5f8ea712aad989eb58875485617fa914d9322cd1efd90091219b5c7412925,2024-03-13T23:15:46.087000 CVE-2024-23222,0,0,61f0a7f2953909b2da411f5647bebd2574cadd0ed79ad62454a1a9b27d6b5ecc,2024-03-08T02:15:47.547000 CVE-2024-23223,0,0,d780b4d6e2ed4fd16bbb8e5d6b950b4f66cdf843fe3ec44eff85a2bd755e98e1,2024-01-27T03:48:24.797000 @@ -241318,7 +241322,7 @@ CVE-2024-24497,0,0,508098c217acb7b8b140ecd382edc9fe44597401eccd971d6c1417d26c569 CVE-2024-24498,0,0,753379bf38359db11676987b60d3fc62d861f4b4d9e21b1906af1fc91bba7195,2024-02-12T14:31:21.610000 CVE-2024-24499,0,0,f3fa195f99d03c816961a79dfcc5225a65897f0a2c13286167d69ca586129263,2024-02-12T14:31:04.057000 CVE-2024-2450,0,0,00768fb37fabbe59aaa05a2b15e979f5b194f2b002bbfb5602d5ad6df849f0ce,2024-03-15T12:53:06.423000 -CVE-2024-24506,0,0,8bdb8b575582b65171fbd445f2fa29f3a52b91d8a7cf1e3363f2ce7e9e04ffe2,2024-04-03T07:15:42.663000 +CVE-2024-24506,0,1,e61e773fa9130f4d91d19f538e9680b88b3d221c4a4c885492956cab65f5dd2f,2024-04-03T12:38:04.840000 CVE-2024-24511,0,0,c2a15768e4699e22cbf5e8595792dbc9bf48071b723d524443a4f83d9a5c3ab8,2024-03-04T13:58:23.447000 CVE-2024-24512,0,0,03c51f88444f0be6fcfaff8e371681e3a1a1d007832a9bf8fa7088f13cfe5d40,2024-03-04T13:58:23.447000 CVE-2024-2452,0,0,dc7f1023137a78f11f48bc3cf8f72ec03aa67efff74760d3d778cb44b3110a19,2024-03-26T17:09:53.043000 @@ -241386,6 +241390,7 @@ CVE-2024-24701,0,0,c388b86a0d2431583cec02e78e4c710434d60dfd05269a5125b21a1498f26 CVE-2024-24702,0,0,68169c2ba8781d542981a3a82b3dbedd86a42bda996e358152d83922edc27359,2024-02-29T13:49:47.277000 CVE-2024-24705,0,0,ec2ce8236049f46f3eb88b140e7ef49b1684c75c01d49904df6e6b36582e7ddd,2024-02-29T13:49:47.277000 CVE-2024-24706,0,0,4d433b03a4c26ebc6bd4b9712c01509648b3f2cecc7341b14e252b0e38dfa793,2024-02-15T02:09:50.480000 +CVE-2024-24707,1,1,c8b48fefbd27b5dbb2aaacda2e962a85f89e1b6dd91d3262ec79bf92d5158015,2024-04-03T13:16:01.383000 CVE-2024-24708,0,0,0f8e81f3aba5b23c6e778b4d19d5d812998e1b5ce45774f77b59373f3047230f,2024-02-29T13:49:29.390000 CVE-2024-24711,0,0,5c25fab34a5071c77f4fe30781ea1d599a845486544449ee6790bb4d57dacb97,2024-03-26T12:55:05.010000 CVE-2024-24712,0,0,3eb883409ceb5cd8ab7cfb2c23165937e7138a0fdba93206148a8d8c39991d81,2024-02-16T14:48:04.207000 @@ -241397,7 +241402,7 @@ CVE-2024-24719,0,0,53d485bbb875667c1b97b60d8680f27a8ef59cc7392ee19e2e920694ad71f CVE-2024-24720,0,0,168cdc237ea9af641a6fa55d263239a522401ac618a437c23183ffc24b80de9d,2024-02-27T14:20:06.637000 CVE-2024-24721,0,0,f811f7b97630e39f8e09dfe35ae447277604cf213cb4d45448493cc8fa15fbc5,2024-02-27T14:20:06.637000 CVE-2024-24722,0,0,952e66641f17a0fb9dfe3803e528e36e48f057663a4934472c4c7db463b9f3c7,2024-02-20T19:50:53.960000 -CVE-2024-24724,0,0,61ed7efab8e4e8c9b07661ec7209454039541f6fbe35b36f09ac974bd8fb2a97,2024-04-03T03:15:09.173000 +CVE-2024-24724,0,1,e42eaee1eef35b64cf72e5bbda0c5779a84559031ee2ff005968828ccd5bd355,2024-04-03T12:38:04.840000 CVE-2024-24725,0,0,6c07227491b375222d8eb03a2494a99e24d16433f657fec991bbb466094438c3,2024-03-25T01:51:01.223000 CVE-2024-24736,0,0,608c2f3e65ddbb1c2eb07c75b404de7eb78db210e5f752bbc8c9942f5e722b68,2024-02-02T02:08:23.417000 CVE-2024-24739,0,0,0429371c5cb9ecc13abbb3d02a9a54fdca7eb3accb432d640f9262793fd2a716,2024-02-13T14:01:40.577000 @@ -241588,11 +241593,13 @@ CVE-2024-25006,0,0,c414b5ce0a5aca9d12e72e07e5e6c8a1c9166fcb862e4319cd46e89cdea2d CVE-2024-25016,0,0,b2e53a7c89b3634211a0ab97be429b79a4ba549d8d66332fe5eecf2928e6745c,2024-03-04T13:58:23.447000 CVE-2024-25021,0,0,62a0335232b74d01ee7f015949b10a01e944590aa7448fb13b5616593f03b63e,2024-02-22T19:07:27.197000 CVE-2024-25027,0,0,506fa0f038304c2bb065c6aafbb038363984a8c8037945872a1b74013246a31c,2024-04-02T17:57:34.440000 +CVE-2024-25030,1,1,eead58c8d1150b9357f4d1b2c1ab011f2f4e7aec84a318e3a4b62d092653dcd9,2024-04-03T13:16:01.590000 +CVE-2024-25046,1,1,288f480b9aeca380a275cf69703a9a4d7730be8122dc7a2d42deae7074433f6f,2024-04-03T13:16:01.790000 CVE-2024-25062,0,0,9596ed5cf07a8bc8469d4afc28fc727a431af7cff3b6b8e84435c301d9955756,2024-02-13T00:40:40.503000 CVE-2024-25063,0,0,8296c4ac18003d6d927b0c45a19a753add4384ce34fc59926d1f36a726ce4dbf,2024-03-04T22:45:02.117000 CVE-2024-25064,0,0,e90e896eb449d7ccff000c59a6c6d8569d7a679ad8db09883eafe6b89f6c07ea,2024-03-04T22:43:15.337000 CVE-2024-25065,0,0,8789f3e0c0f1a18215b02ec07e51d2392ffb2b6e5c0102b29d290a5bd7708b34,2024-02-29T13:49:29.390000 -CVE-2024-25075,0,0,2aa5cd5067972c72a2e36cfa51abb5192c9ee21f8d4e5eb216ab58d822a7f583,2024-04-02T21:15:45.900000 +CVE-2024-25075,0,1,8f1ad7795ac9be7789e9412ad24a6f478ed4bba46ede8202f16d701d6f470c93,2024-04-03T12:38:04.840000 CVE-2024-25080,0,0,c2315cfef210d8345928c4a9163370b64862367865b16b8bb051dd985f4be107,2024-04-01T12:49:00.877000 CVE-2024-25081,0,0,c28ed534590feb1739659669df4a7c74247df29d1ac0d5daa9ed512959af803c,2024-03-23T03:15:11.330000 CVE-2024-25082,0,0,0376e5832e39b19bc504b78433ebb158054a5715ce980118648e2b6c7f603eff,2024-03-23T03:15:11.393000 @@ -241601,6 +241608,7 @@ CVE-2024-25089,0,0,5efabd2c26974f37d1846cb1668b5b36df31dff51c549d5b8d4c512bfb0c7 CVE-2024-25091,0,0,01b357047b564e780ed13b7e87b2fb8ec79ae12ad4e744cc9437e3dc74a94964,2024-03-01T14:04:04.827000 CVE-2024-25093,0,0,c29d732f68144a1dd5d537415c8d51940073ac1e6ff114431aa6a52d78b263f0,2024-02-29T13:49:29.390000 CVE-2024-25094,0,0,6ba9f5c53aa4aac51446efc522144ae35e985d8a070a664685b43e0df39aa007,2024-02-29T13:49:29.390000 +CVE-2024-25096,1,1,a501381610ada5229a45c8d0a176a52dcbb0ce07747d1b41bb94b9415bf24702,2024-04-03T13:16:02.017000 CVE-2024-25097,0,0,3611107873761535a1eebacf76ff61b5dea6765240f13429484902af14526286,2024-03-13T18:15:58.530000 CVE-2024-25098,0,0,028b98ef9a2084a8173d1d38eecdc4136ac8af6138dca7ba8312806912dc26e0,2024-02-29T13:49:29.390000 CVE-2024-25099,0,0,02a4d0e182c31d1636be1b8bb70f3b551292fc264bca44262b4c213c2a120e6b,2024-03-13T18:15:58.530000 @@ -241971,7 +241979,7 @@ CVE-2024-25854,0,0,46fbf43a98bd39907390458f316c987060b7ad9ff54021918a7edbe500e3d CVE-2024-25858,0,0,e3703a6486af47542a5758b9a0dbed02e4c149644fb605d74af0ebc4b01ef273,2024-03-06T15:18:08.093000 CVE-2024-25859,0,0,535afe19fadca146fcb852c884e13f1f96dd0ffd0b267def3f0a58c94171106c,2024-02-29T13:49:47.277000 CVE-2024-2586,0,0,6350f9931266944c12490221ee20b19d4e2f937e8ccc02710c0c7828d8712797,2024-03-18T19:40:00.173000 -CVE-2024-25864,0,0,072115d31f08736422e8895e868c0824263f9ab97e08ccf9fabbd71af2f3b65f,2024-04-03T03:15:09.350000 +CVE-2024-25864,0,1,bbdc876c67f6d59e585ca102c37ce8a1861aaba2f23b8fa4f38e4dc87ed87b47,2024-04-03T12:38:04.840000 CVE-2024-25865,0,0,3c1600c9938d3c741a0c565875112497fc6aab8ca57710df7f556dbbd2f4c5d8,2024-03-04T13:58:23.447000 CVE-2024-25866,0,0,9bc37773bde3a2ace3609430b84db3f157b10cdf405491b3720aaee30ab1d883,2024-02-29T13:49:47.277000 CVE-2024-25867,0,0,c245bf99284b583dd6d6f394a291153c7419973184645ffe8ce7f995e790edb9,2024-02-29T13:49:47.277000 @@ -242004,6 +242012,7 @@ CVE-2024-25913,0,0,adbe1d51d998e7755c9e21c2f8e4899af91a4a0cc057128b5afa1c44996ee CVE-2024-25914,0,0,6c21c235c508fdd4e37939a7918e64e3dd4e50979a576bdc305d842a25f11a05,2024-02-13T14:01:07.747000 CVE-2024-25915,0,0,2b3eb3b61519c3cc7ec9c696d86f766a5ba91455b2def2592d7df0099d9b76fa,2024-02-23T16:14:43.447000 CVE-2024-25916,0,0,fd67fe38751dcee5e685d1168694fd860012e656006cfe93ceab898ad49c641f,2024-03-15T16:26:49.320000 +CVE-2024-25918,1,1,1f27cc1f5ef8a65e6a154134d4a53a9d6f447cbdce444b0a5a08dab908f386bd,2024-04-03T12:38:04.840000 CVE-2024-25919,0,0,5218810224fbf56f6083cabf959c1cac12534ba7273f9a4eb37375eb636b2ae1,2024-03-15T16:26:49.320000 CVE-2024-2592,0,0,82585bae4fa7f314917b7ba7f0e03f283a0c4f763802d50150853f7239d1bc1b,2024-03-18T19:40:00.173000 CVE-2024-25920,0,0,94ff03356ded2e8c1531b05296ce05ed12081a8bfdbdad9166a21df9ab3cb6e8,2024-03-27T12:29:30.307000 @@ -242289,7 +242298,7 @@ CVE-2024-2649,0,0,d94342a82ea1b48d654a74591af18489b25bdcf59dab6bf0b9f710b6366d30 CVE-2024-26490,0,0,b6f6bbce17cb8b3e0d7ffc74af2883f439e6d11d15d184e2f1a2e43e85a99a1d,2024-02-22T19:07:27.197000 CVE-2024-26491,0,0,73ef4da115c90ed06a18a1a334653b2533761b4f911c3db9814bd0d18285bcac,2024-02-22T19:07:27.197000 CVE-2024-26492,0,0,223ddadc0c7efe7b0886f487630808be0927541c8864c0a1df96647191c41c4f,2024-03-08T14:02:57.420000 -CVE-2024-26495,0,0,5b25a5cb2e252ffb4e14dc3a84c72ae1fc351f7094f755c3d759352e9dcef50a,2024-04-03T03:15:09.533000 +CVE-2024-26495,0,1,bbb6b231bf109fc8acfd5241f02faec1361b46bca779b6926f0190dbd5a53c19,2024-04-03T12:38:04.840000 CVE-2024-26503,0,0,d0f374031f3bfa957597401c8f88ca58d151627558fd63926354c04ec0b8dff2,2024-03-15T12:53:06.423000 CVE-2024-26521,0,0,0e3dff2f526dd01b3807e889e548f69877c6fbe716f338bf9b68ff7b3cd2a892,2024-03-12T12:40:13.500000 CVE-2024-26529,0,0,ceb7dffe95e5cd49d7bba0e418c1f06e328c8386f0796095312ed90a87d2d1b6,2024-03-13T12:33:51.697000 @@ -242477,6 +242486,7 @@ CVE-2024-27188,0,0,0a250e5949948eb56c4e7cf9856d7a21d10f3e8b950f62db4c44a6dd21c9f CVE-2024-27189,0,0,515e61fa1831b3fd92525b0004dfafde618646c72fb29e4527e0a2fb9466806f,2024-03-15T16:26:49.320000 CVE-2024-2719,0,0,a4ab17264d9d4de02148162ae470cd2b2fdd972306f561edebd77c0e41dd9d7a,2024-03-21T12:58:51.093000 CVE-2024-27190,0,0,1aa0bf9b04d8ad0cd0d83da443ced72d3db96666d7e8636691ac4635aaeee635,2024-03-21T19:47:03.943000 +CVE-2024-27191,1,1,c59b146584f3b3c53db5efa7d88848518f278a0fdbf3dc303e796a9d406dfa86,2024-04-03T12:38:04.840000 CVE-2024-27192,0,0,0ff7a489a9c185cda73564233ae30b76c3279bb0d352bc83dbf6b8e10c6212e5,2024-03-15T16:26:49.320000 CVE-2024-27193,0,0,1a2f1126258ed9b0f5281770f95fad5056f0f1e4993150f3d871f6ef458a3533,2024-03-15T16:26:49.320000 CVE-2024-27194,0,0,b8200fea2f0a79d9b8f1fbf40aca3e6d111a7a732357978a250e1964deaa7251,2024-03-17T22:38:29.433000 @@ -242520,6 +242530,7 @@ CVE-2024-27236,0,0,050a1052e26047f2e5d0b58d8351e3e856ec1c52f1b2daf95f02084addfb0 CVE-2024-27237,0,0,952387726c7567ea2371af0e500cab297b027867a108431eaa82a39745a31338,2024-03-12T12:40:13.500000 CVE-2024-2724,0,0,890ae7d14540888ae4d0300e6c3327b78b165387c35f98da98215dff4a44bb25,2024-03-22T15:34:43.663000 CVE-2024-2725,0,0,7cb31ae5832528a9cc7de2e461a09450be9145e26468abe7975abc97f0008d6e,2024-03-22T15:34:43.663000 +CVE-2024-27254,1,1,a0bd76be660e25bb457e2810063b8be0c7f283d959df6e0620ec741a1dd3de4c,2024-04-03T13:16:02.220000 CVE-2024-27255,0,0,07d4523d50b3b6ceec1ed85c31e8859376bfd63a9732f2f4d2cf6e5b4c34b76b,2024-03-04T13:58:23.447000 CVE-2024-2726,0,0,670b2be162ea05000bb5b040a32b1dee9c94eee7d1b48ed8e7d2e78e98ae50a2,2024-03-22T15:34:43.663000 CVE-2024-27265,0,0,caf2cbef481f9d0206d06f75a38ca052c5291ba0582e91875cea8f52e6d86a34,2024-03-19T16:52:02.767000 @@ -242609,9 +242620,9 @@ CVE-2024-27569,0,0,a1c97a6629a14374fe383c8737fbd058f9c69e29cacac5f65c8ee536732ce CVE-2024-27570,0,0,bb5768b9abe1d66233dd488033991c033e73d40122830f230bd575bce0ee2d3c,2024-03-01T15:23:36.177000 CVE-2024-27571,0,0,c83a44f9887d08cabab3b2a4f270c8d7a63fba9a80bea6bcef31fb59117b7c4c,2024-03-01T15:23:36.177000 CVE-2024-27572,0,0,ad4311ae425bc6b17f909abcd4c2456b040031c823802764df1b154118e12883,2024-03-01T15:23:36.177000 -CVE-2024-27602,0,0,e5830b216a133f7a3f10bc3702ff8e3bcee15e99f1e5c5508ebd65c566c226f3,2024-04-02T21:15:45.957000 -CVE-2024-27604,0,0,2780a4be3d0ae0f5c74628b551ba587552801984ef20a0da5a32b739149c6a21,2024-04-02T21:15:46.010000 -CVE-2024-27605,0,0,4b55b7321a95a0675e7ab887a75cd02fd49b213b81a061d8e81a3472e74a46ca,2024-04-02T21:15:46.060000 +CVE-2024-27602,0,1,641d004f193cbc187bf560868353a5607871444565457a2a1f222c57bafe0082,2024-04-03T12:38:04.840000 +CVE-2024-27604,0,1,5dd90a20288c95f7805059ddcbf501c6de9e3b933a16f752b43bf101ed5f2058,2024-04-03T12:38:04.840000 +CVE-2024-27605,0,1,4f744199930e3e7e9b7f220c4e73a81bb4fe207bf4ecc2f618ea8f6d8437d165,2024-04-03T12:38:04.840000 CVE-2024-27609,0,0,5e824357e4183ab719c4b74c8b8f75258087ffff9b9d5d9bfa2e37f5fe8c146d,2024-04-01T01:12:59.077000 CVE-2024-27612,0,0,c510222cc98aeecd84a141efbf806cb4a31be0185bd980ef0ea0993f9e29a425,2024-03-08T14:02:57.420000 CVE-2024-27613,0,0,55e42cf2e4639a6096ea75af39dc974125f1048dbd4b80fc4aa61dc42e00d85d,2024-03-08T14:02:57.420000 @@ -242710,6 +242721,7 @@ CVE-2024-2794,0,0,759cf6525781306722e41aca6a100ccb37df35d975f73aac822206bcb71057 CVE-2024-27948,0,0,67e156b37ac5c6da6ca4063513792c829bdbe8e804f7b01b28e54c9fc1c182b2,2024-02-29T13:49:47.277000 CVE-2024-27949,0,0,12ee9b935394b527d1677a59b517c94d0df067a0b32bfff31d7cb2be5b4b5d00,2024-03-01T14:04:26.010000 CVE-2024-27950,0,0,56d632dad56c45d949d3327de16e5b70b08683cea8ce7876ca8c59cc37ee8062,2024-03-01T14:04:04.827000 +CVE-2024-27951,1,1,5214bf0ae78cade4639f395d688589b65103945d0e777f1316108089a3cd002d,2024-04-03T12:38:04.840000 CVE-2024-27952,0,0,184c933cd3d4f7d9f291de87daadba6c6d2dcb57a0cab449b4798a27658d2d98,2024-03-13T18:15:58.530000 CVE-2024-27953,0,0,9606a5ea342585cc8ea605f674c63e8d870327e37e1ba285dba38be6126632a2,2024-03-13T18:15:58.530000 CVE-2024-27956,0,0,eeea096f0e7e7487ea049c194ac62702e3efa47a3d999d9e69a572f09e5c15e8,2024-03-21T19:47:03.943000 @@ -242723,6 +242735,7 @@ CVE-2024-27963,0,0,1fe8e45c3046e4191d77b36670840383914d58f1ba31efb184b266de4ae6b CVE-2024-27964,0,0,f723b903bea75dee5cd9d094fb735ccf35df44ec2a2fe82d8cd63bd7e33ad323,2024-03-21T19:47:03.943000 CVE-2024-27965,0,0,07b2c962b6af72a3fa4d6e0cca49f1bed68d7474aaf9839141a5bebbc2988945,2024-03-21T19:47:03.943000 CVE-2024-27968,0,0,62d1484625b8ff1b6da2393031085b35a7b07168c520f9d4ac0420345380cdc9,2024-03-21T19:47:03.943000 +CVE-2024-27972,1,1,5f2a44ef4455f2392170f0062af4e1f33c4163a5c961cda58ad08221f3c689b8,2024-04-03T12:38:04.840000 CVE-2024-27974,0,0,c5d12161a6a294fb4d33a068888d07d2dec693f9073d8d47f06182bf4fe2779a,2024-03-18T12:38:25.490000 CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000 CVE-2024-27987,0,0,ce6fd0b1730cd837f285c0aaaa1258cf6aa8505469e7f313401adb363ee7f395,2024-03-15T12:53:06.423000 @@ -242857,7 +242870,7 @@ CVE-2024-28213,0,0,123dce2bcd1dc69568d6c5cbaff040ae81dbab0468f48456713cfbf9a03f5 CVE-2024-28214,0,0,76f80df1e3db719174c664a8c6faf2adc85abffc04e0a27143c2db72f7cc0ddc,2024-03-07T13:52:27.110000 CVE-2024-28215,0,0,b75c62903069d346adeb5d4d830666ec30aba706366e0a1ba743e223df9965c6,2024-03-07T13:52:27.110000 CVE-2024-28216,0,0,2a9c0d9bf26dcccba11f21ba5b773a9b1fa8ef0ca0bd0ec8330c8d19a1d9d1ca,2024-03-07T13:52:27.110000 -CVE-2024-28219,0,0,96b8163cc2758d41f3dda61b5eb9e34fb9c7f80c62e5383c99af22045d49253b,2024-04-03T03:15:09.710000 +CVE-2024-28219,0,1,5d1482e6721cb93d62e502f1f8ab261cac73f35af60759ddf9b75d97f371a8d4,2024-04-03T12:38:04.840000 CVE-2024-2822,0,0,2610f5ce96e467cfdfbe88a0a281a09b1b1b71407e2f991a84e93422cf7c0761,2024-03-22T19:02:10.300000 CVE-2024-28222,0,0,fc2bb6625872999de46c3fec787964c81811fbafba85fd6aa0a9c0c190c12038,2024-03-07T13:52:27.110000 CVE-2024-28226,0,0,60d2b317d558a952126fd2c59e7791a3132f61184750bcc6e4113640853620c0,2024-04-02T12:50:42.233000 @@ -242947,7 +242960,7 @@ CVE-2024-2848,0,0,a4d9bf4c4cd104d99430baa68a796e04878fb2cfe61d9d35640dc4c26856b3 CVE-2024-2849,0,0,689f01009061efff1ee0cd29db14c96053c4b561f68402f2590b4aaf791eded8,2024-03-26T09:15:11.360000 CVE-2024-2850,0,0,18a7df7924646d54c8018dc44d3ceaaa7b16c75f99276cbe6ac98b765122f744,2024-03-26T03:15:24.927000 CVE-2024-2851,0,0,9a668cf4331e419a65111b1e6f8abf3e27bc0fce212b623cd8a47fdd549e170b,2024-03-26T03:15:36.833000 -CVE-2024-28515,0,0,35b038047eb6316aea54859ad33624425221030ff86791c3b78fcfdfd76d5f31,2024-04-03T07:15:44.240000 +CVE-2024-28515,0,1,a2f38351769a80f01f300fd8c83038fe9060fc0b0320f8b6c711930dd11ec84b,2024-04-03T12:38:04.840000 CVE-2024-2852,0,0,d7c0051b0398ed6771fdd69c5942366e1b233545fdf7340abf88db5b663c134a,2024-03-26T03:15:47.310000 CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000 CVE-2024-2853,0,0,e510059736f729514b8634c28eabbedda89b99502b90c04b4a57c0f56252c1ab,2024-03-26T03:15:50.793000 @@ -242986,7 +242999,7 @@ CVE-2024-28581,0,0,0da5c13c4b85d9bb8c608869fbe145c4047aa7b262d3dbb32ca42932b0c65 CVE-2024-28582,0,0,c8d9c6f6a1d338659902e37adbb04b12fb77269e6591f5ca5a12aad10c123c1f,2024-03-20T13:00:16.367000 CVE-2024-28583,0,0,7f3ab6d4f4ab97c0265937ef4d115a2fa3e5739f0ab5531555f42d21c39d5f43,2024-03-20T13:00:16.367000 CVE-2024-28584,0,0,30acc0576141383424b25d4ae09660ec9df2b394d12270056a0fa465700d0ad8,2024-03-20T13:00:16.367000 -CVE-2024-28589,0,0,6a763303ae10f3b1f3e1b658b08495ab1ba4946bfe2a1aa40a82fe7d3d12febe,2024-04-03T08:15:49.117000 +CVE-2024-28589,0,1,0bbfba634be0a6220fb48d12550a4d1e9192f3d277848f34860717c51da56d55,2024-04-03T12:38:04.840000 CVE-2024-28593,0,0,3589e0bd6bcc642b0735aaa1e50dd022f336ec4dcb26e9d3f97bf8fabcebcecc,2024-03-22T15:34:43.663000 CVE-2024-28595,0,0,ef113c40b1e587c7577ee3cf38a094a31c4af04143b7a8e19edb798f98163070,2024-03-20T13:00:16.367000 CVE-2024-2862,0,0,a714f5e8cb944f65576648fcdb042cca021906895d812cc8cb0301d4fdfba94b,2024-03-25T13:47:14.087000 @@ -243028,11 +243041,12 @@ CVE-2024-28746,0,0,4e08f19b517756fb15fbaf966494c1aeec3b9803b4e2b615b4d5a557eb48c CVE-2024-28752,0,0,b6856abb589c0fed02798f341901c4f3025e287fced11706e9fa0c89b392cd6a,2024-03-15T12:53:06.423000 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000 -CVE-2024-28755,0,0,d8e70b6feecd2d9479b0f2ba8ec50cb5b92771018872e694ce5b47c4c7854f5a,2024-04-03T03:15:10.140000 +CVE-2024-28755,0,1,1b8336cb8aec54928e95e2838923ef63de390c1d6a172c9e230fb0e16707e4c5,2024-04-03T12:38:04.840000 CVE-2024-28756,0,0,25c89ab9b64cbd69060fc1b1f68e4f1c76ee574185097dbf9146fc8b2b315bf5,2024-03-22T12:45:36.130000 CVE-2024-28757,0,0,6f674e74da8b1d303f1997061736a8f7699c424c20f0aba68e441f140f441071,2024-03-23T03:15:11.920000 +CVE-2024-28782,1,1,493e55169735d5727cf0c0e734e42ef2baf23f206bb8e4370c0853d4f8c42678,2024-04-03T12:38:04.840000 CVE-2024-28784,0,0,2bc1ea2e712d4e90db6a7b931c77b9f29985433c42fe688e3c826f016a685898,2024-03-27T15:49:51.300000 -CVE-2024-2879,0,0,e7a302f185925be9ccaffb695525d3b134bf5faeae09d67fb766c80bfb8ac7a3,2024-04-03T04:15:11.960000 +CVE-2024-2879,0,1,054a6fdcadc9bcaaea40956329fc48dac6cafc8e30cc5dab57e2d3f376caf457,2024-04-03T12:38:04.840000 CVE-2024-28815,0,0,f9ba7e38674697b7d17d51e7b24c9c896d5b8cd72333d8b6833bda1b0cb49c74,2024-03-27T12:29:30.307000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 @@ -243040,7 +243054,7 @@ CVE-2024-28824,0,0,29abf61aa992ee5bcede73dcd8363195f5ccb0f240073ed24aaff3a2acefa CVE-2024-2883,0,0,e66be81816608580e2e81ffcb02cca4ae9a2aa5cbea60907cc2e1d80cffbaf4a,2024-03-29T04:15:08.743000 CVE-2024-28834,0,0,841718fd8fddff124f231102263dad7d394e02b19e9697b20d411d85f567df2c,2024-03-21T15:24:35.093000 CVE-2024-28835,0,0,807354fa6b4609be92d801df299988ca81259642594a0e94cba8cafe4de90346,2024-03-21T12:58:51.093000 -CVE-2024-28836,0,0,066ccacbec0833d0cfa816bc947cb713f682975562b2cdd6aac36c4fca0e0b8f,2024-04-03T03:15:10.350000 +CVE-2024-28836,0,1,ef9665bb9a0895616f82c07b3b8f93ecbb9dcd318a88906096e3fd29af01d6df,2024-04-03T12:38:04.840000 CVE-2024-28847,0,0,77ca7298b6799783b77992e414cebfaaf69a1bd2c05124cbdf6b914d3e0bb310,2024-03-17T22:38:29.433000 CVE-2024-28848,0,0,f738fe56a5bc4cdb728fabdb4b9cb52618afbf9827db3dbc12ec3f1fb91169bf,2024-03-21T02:52:25.197000 CVE-2024-28849,0,0,5e73d26630408070b9f2d0554aca63f533ce0044a2d97ed66eab06494ab2be18,2024-03-23T03:15:11.970000 @@ -243235,9 +243249,9 @@ CVE-2024-2941,0,0,ce11630a400956dcbfeeac55ad32861fc5176b2eeccb4990e4aaf30900f5cb CVE-2024-29419,0,0,1f113c646466febbefbd1317ecc5036f9bdf6e219db156971cfdda70e05f32f0,2024-03-20T17:18:21.343000 CVE-2024-2942,0,0,3fa2fdee1f7a471c21b1ac1386874f056fa7e82fdcd541072fb7ea8f5bfccb08,2024-03-27T12:29:30.307000 CVE-2024-2943,0,0,b5b95bbcb0b53766ee2bd76974e535abb9029181348d10726e03c7804fb75e95,2024-03-27T12:29:30.307000 -CVE-2024-29432,0,0,98f5189f1896db1d391adcdf1b5be519c13c910c7fac6245329968024bae5d7b,2024-04-02T21:15:46.117000 +CVE-2024-29432,0,1,935ce59b23319f15478ff1d005b1786853efcea9f20ed5b78b83dcf1879a3c65,2024-04-03T12:38:04.840000 CVE-2024-29433,0,0,b10a666a979afbf6ffc25b1ef458e1d0fb9c766493f3b32e8a3cbc2c3e4a9e2b,2024-04-02T12:50:42.233000 -CVE-2024-29434,0,0,ea38f1acd7dc6c73e357393361719059158500257f889cd3e26c91a8d3822370,2024-04-02T22:15:09.450000 +CVE-2024-29434,0,1,e2dd739e4fe1b524f01d6355aa24f60868a619e4b33fdd429c31c5ef2f0acc1e,2024-04-03T12:38:04.840000 CVE-2024-29435,0,0,4d03d83d8cb615246ed4e783c1ea07f9aee9ed7e6aa6133cefbb15bfb0a5c168,2024-04-02T12:50:42.233000 CVE-2024-2944,0,0,edbe06654b669678b299b573aae74f1e6525956b78541d7e0f3aff7e4dd8cf16,2024-03-27T12:29:30.307000 CVE-2024-29440,0,0,b41dbba691936eb263a6e48ee2f4c3b0c65bf928cbb922caedd1e0f5f03baacf,2024-03-26T12:55:05.010000 @@ -243250,6 +243264,7 @@ CVE-2024-29471,0,0,82d45a5ffd79414ce139218b143945b76a967fb1502a8005b616153a32c45 CVE-2024-29472,0,0,8914457096a81cfec257e1932986907f8b2f25a966f10c0d7629905ec24b0f86,2024-03-21T12:58:51.093000 CVE-2024-29473,0,0,2dcbe7e94767e08f46a9353b62d8f30da500a221f5affb32fc9ef958cfff985b,2024-03-21T12:58:51.093000 CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930e98,2024-03-21T12:58:51.093000 +CVE-2024-29477,1,1,5231aab2983543fdf491ab629db6bbcb71a18478e7074594e3d1100549f6a211,2024-04-03T12:38:04.840000 CVE-2024-2948,0,0,69ae62e863aa0c628d345bc7d66ea32126e1cf0abc93ad86985926e075e497af,2024-04-01T01:12:59.077000 CVE-2024-29489,0,0,b53e28436eacd43712154645616899ea4ad86f89638685c2d1c1f1bd71a439fa,2024-03-29T12:45:02.937000 CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000 @@ -243274,7 +243289,7 @@ CVE-2024-2969,0,0,3b44a35797f59af8c943f5dbb2fce3c943dbaa3692484ae9edd2ca48b318cc CVE-2024-2970,0,0,97b5efebd06d1da6e27cb01c572bc0b66502d05407bc0c3aa6cc4cd6986808de,2024-03-29T12:45:02.937000 CVE-2024-2971,0,0,898bc718d43d0c390c6d16657d6a8f74b1bed4195ca2be9f6e03b60807e37565,2024-03-27T12:29:30.307000 CVE-2024-29732,0,0,3aff958eec55f5cf06538251c792be6423021bd21573f6f2f920d098c9ad37bd,2024-03-21T12:58:51.093000 -CVE-2024-29734,0,0,c692174cc7dc7728b97626c5a3e52968a203c54b64dc55a84e1f42277162d410,2024-04-03T08:15:49.173000 +CVE-2024-29734,0,1,8d99461dc9b8889d99315bde49edbce5536e3a20b88b53095157d8f0afc148b5,2024-04-03T12:38:04.840000 CVE-2024-29735,0,0,286fbba4f7cb1bbd32eae740efb468430068245735dc6c522579c415dcd44e18,2024-03-27T12:29:41.530000 CVE-2024-29758,0,0,850000367bf365fc67358722bd3f49f9e6efe1177fc04e28429703ce7619a3b6,2024-03-27T15:49:41.437000 CVE-2024-29759,0,0,604dde57e158ba268d6ad5edd22f6f9ee225a2c65d1a266897bc2dc328d431c0,2024-03-27T15:49:41.437000 @@ -243443,7 +243458,7 @@ CVE-2024-3014,0,0,57dd337802948c0c36abeb7862e4d697d25a39c1914e60d6e237ec085f38c2 CVE-2024-3015,0,0,3e96e179fc605bd086459a8977cf3494e9c3b88c686e177fb5725b8b22e0b1bb,2024-03-28T12:42:56.150000 CVE-2024-30156,0,0,aff0cd27a6d4ebd55e03f44f61cc23ee9163e094843acbac5af736e684ab9391,2024-03-25T01:51:01.223000 CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0ab4a,2024-03-25T01:51:01.223000 -CVE-2024-30166,0,0,24c9b86ebc5bc9e8ec534a5cdbdfafc71afc65e9c98ba5107ce9bad2547a28a1,2024-04-03T03:15:10.510000 +CVE-2024-30166,0,1,b150008503ab8c7534770489f2591fa7243e9c9df016e5c1c4c33123a4b73e85,2024-04-03T12:38:04.840000 CVE-2024-30177,0,0,ce7cec2fca67508ea4a8b86ac0339410ad9c9cb05c2afad1960db626913e7789,2024-03-27T12:29:30.307000 CVE-2024-30178,0,0,d11fc89cba6da171daf23dbb46df2a76bfb6083f334196d374e91e86d9976c38,2024-03-27T12:29:30.307000 CVE-2024-30179,0,0,35abc90ebe1a793047559644af343573def8da2ffc996aad9121641adf83cee8,2024-03-27T12:29:30.307000 @@ -243509,31 +243524,31 @@ CVE-2024-30340,0,0,936ebaade289155374119ab988cd44e329d38211b347eebf5f3d927e148cd CVE-2024-30341,0,0,06e6e6ab91aceac3584aa28f680a6780e9c648bd3e0caf27c0cbc8a0dc062f9c,2024-04-02T20:31:58.463000 CVE-2024-30342,0,0,6e8505848332938edac1021b1a94bb920d4ae83e28f352981633100a09367b89,2024-04-02T20:31:58.463000 CVE-2024-30343,0,0,fb6dfc8d754fa12e0d7786222270a9c7de30f36fb56fc1dbd26852867305fd08,2024-04-02T20:31:58.463000 -CVE-2024-30344,0,0,60ff91d54aaa942f4cd6c43445cae84c9547d2a0b31645f1657d684604aa39d4,2024-04-02T21:15:46.173000 -CVE-2024-30345,0,0,807cec7b0b94dcc3189d2c4abded6605864171832e7840237ec4c90fc0af5a0f,2024-04-02T21:15:46.353000 -CVE-2024-30346,0,0,9a74c8e258f0e022342088e19adb16baa6a10d0c2afb40c5db8b9c328782e116,2024-04-02T21:15:46.530000 -CVE-2024-30347,0,0,be41c1b793db031199ff58268769146c1121881e155de0d0aaefb67b21475beb,2024-04-02T21:15:46.723000 -CVE-2024-30348,0,0,2001ee733d94defc899057ffda4751c32be4e535a27684f8f1110a8def140edf,2024-04-02T21:15:46.900000 -CVE-2024-30349,0,0,e4b7b10949281c0cbe0692460315f794d8ac9a60304009901a99e9f34f965a14,2024-04-02T21:15:47.090000 -CVE-2024-30350,0,0,b715bb80c4db6811ede98dcac7321dc361e61cc7eb89ec3870f39ba8df73b0cf,2024-04-02T21:15:47.263000 -CVE-2024-30351,0,0,5682002a8bb98bcda56e8eb98e088b8f93ff8d292787a344feec4c171aaca48f,2024-04-02T21:15:47.447000 -CVE-2024-30352,0,0,7f67053cf96fb51c129716ae311405f547da444a91034266b0340061ffad6c45,2024-04-02T21:15:47.630000 -CVE-2024-30353,0,0,d58e35e6e939e2b482e0ee996abc5fbec88b699185024d3ac5601fa02bc494a1,2024-04-02T21:15:47.813000 -CVE-2024-30354,0,0,c76dad8dcc692bd4176212b20fb2e52edaf0d3a8b577bb303b6ecb58f6e743ae,2024-04-02T21:15:47.993000 -CVE-2024-30355,0,0,d7f615a0449161d78a6dab194079d65c7e954affd53720c923f1ad9392dfe782,2024-04-02T21:15:48.167000 -CVE-2024-30356,0,0,0df03ef9725dfa10cbcc6b8eb183c20d11e48ce51a18aadf931c422bdba56e98,2024-04-02T21:15:48.347000 -CVE-2024-30357,0,0,f7ce9722476c99b4d07e87ac396692dc7dc53e23ee011f6ae44db3555f4c8a19,2024-04-02T21:15:48.530000 -CVE-2024-30358,0,0,08c0891c2f91a2e8b45914e6be81830ba9dcbfc86c4d3402b1b519c3fe002f53,2024-04-02T21:15:48.717000 -CVE-2024-30359,0,0,bcaf17f00db2af7e1690d691841c993e126654c9d1ad139c5690b1838cf7f46a,2024-04-02T21:15:48.900000 -CVE-2024-30360,0,0,76bbf36e214024a6f2636765580e717f15563d4ed54fe4a997333af7ba8a25d9,2024-04-02T21:15:49.077000 -CVE-2024-30361,0,0,91864b0e67e3e955c210cbf7797b66800b718c6eeccb8fca1e4a88e7c24b5d95,2024-04-02T21:15:49.280000 -CVE-2024-30362,0,0,18fac267105bd424b91499007c792dc3970c86b807f275fc4c0151acd154bac1,2024-04-02T21:15:49.477000 -CVE-2024-30363,0,0,2b7dbcf63396faf2565dd1b52b668d62019d4a15a334c7309a1d21f771e6f864,2024-04-02T21:15:49.667000 -CVE-2024-30364,0,0,6ac88907ad335e74e0a64c3ea9dfac0c557e296ca29a2857bbf516ebe32db046,2024-04-02T21:15:49.853000 -CVE-2024-30365,0,0,c83ccdfe39cfb7094cd9afc238c1e0dd210c0c50d10d8769f8b079ce811b3fd0,2024-04-02T21:15:50.033000 -CVE-2024-30367,0,0,b1dbbf30b88dfcb40f9857e1c0deb5ec9f9b339d1207a99c5ff4cde41431fdaf,2024-04-02T21:15:50.217000 -CVE-2024-30370,0,0,873a05ea5d36250388f67bf9019c6ea53f7078247e4459939e6eac0154960d0e,2024-04-02T21:15:50.403000 -CVE-2024-30371,0,0,9d035b931752c3e1987adb6bdc574810993c81aee8c5ba6a318e3f45c611909e,2024-04-02T21:15:50.600000 +CVE-2024-30344,0,1,5bc139b5bbd44b7bb5b34a3a55c5a8ccb21aac14a897b892f152d0b7b80fa738,2024-04-03T12:38:04.840000 +CVE-2024-30345,0,1,d7f29b53351ee4b9cd93cf2b1fe26dc4705952a936cac37646bba650f9cd001b,2024-04-03T12:38:04.840000 +CVE-2024-30346,0,1,7d0368ecfc06cc1f8f2402fe99d9dfa0d6c63c2f34d70d6276af16ded29f534e,2024-04-03T12:38:04.840000 +CVE-2024-30347,0,1,e68985540e4648080ae382727cbdd6bd480d390686c7260409a8b3176121f126,2024-04-03T12:38:04.840000 +CVE-2024-30348,0,1,39f5c40227cf1fd49ec006be104dc0d67c20f3b98cdee650ab09c642d8fd60db,2024-04-03T12:38:04.840000 +CVE-2024-30349,0,1,6edf865ace49706734eddebd9b18356c82fe0f305fffaf4d53c808cfc353e0ba,2024-04-03T12:38:04.840000 +CVE-2024-30350,0,1,a1fe348f76aee865cda8fcaa498464a95d5044ea3be945a2ef416a0def6f418a,2024-04-03T12:38:04.840000 +CVE-2024-30351,0,1,7def1887ca6a75a01a298363eda9ce99d3f7cd03715e5fca72f5c0965da9c1c3,2024-04-03T12:38:04.840000 +CVE-2024-30352,0,1,e5c21ae78b9c524cc4ffd2bef6f185aca1e11f9feb144253b8f981fd55b6eb34,2024-04-03T12:38:04.840000 +CVE-2024-30353,0,1,4ddfab1fb4debdb52601bd8007f16aedb5c867fa7242ab4bef38630b5fcff776,2024-04-03T12:38:04.840000 +CVE-2024-30354,0,1,19b394e99590970a0db244f031fdca72c1785146331c48b5a3693178e2c0e0d4,2024-04-03T12:38:04.840000 +CVE-2024-30355,0,1,0decd90dac62ed7ef29b8b8f2f7ac7e8352838872b34ab7354a8ba9b609c657c,2024-04-03T12:38:04.840000 +CVE-2024-30356,0,1,c5df9b68c97f16468b5bc6b7fd4842294dd1cd4288439b029d531fd5ee2cf5d7,2024-04-03T12:38:04.840000 +CVE-2024-30357,0,1,b490603cfd1ae2bd60b1a73e06f78329e6a61ef981448feb412f19c789a2fb31,2024-04-03T12:38:04.840000 +CVE-2024-30358,0,1,0851f6424db5d7a6c7a03964dab129792309ca234977750d89a17754f629936e,2024-04-03T12:38:04.840000 +CVE-2024-30359,0,1,2f580ba4df713d107b03ef75cb85107d21786a90460916d480b0e35884e5f03e,2024-04-03T12:38:04.840000 +CVE-2024-30360,0,1,80c7b7c44e3824b902966f606dd1196cfc97097ce03102457d782a3b6a8868f0,2024-04-03T12:38:04.840000 +CVE-2024-30361,0,1,2879c3f761aa256a70cbaaae709e90f2c1dd7342ebded9044f02d01c6d51dc6f,2024-04-03T12:38:04.840000 +CVE-2024-30362,0,1,35aafb2836e5f8e5924ff39a2464f965c35f7dc3efb76e15b7b7082bb4cf34a3,2024-04-03T12:38:04.840000 +CVE-2024-30363,0,1,486d64804c1de5e8bb428f2000e75f33f32d44204e917e98f16ea5b43bd64847,2024-04-03T12:38:04.840000 +CVE-2024-30364,0,1,510899e3ecba71d096b404b02c98b4b3e3d0afcbd2457b7d4336fb6c1da0be73,2024-04-03T12:38:04.840000 +CVE-2024-30365,0,1,8d8a5efd96412c7324fe23e0515deeca0b6ea605ee15bf7de07d85db987cca0f,2024-04-03T12:38:04.840000 +CVE-2024-30367,0,1,a902af43f2971ddd47d7eebd60d52a9673dc37a2dcdcf1f5ecafc349085ea3e6,2024-04-03T12:38:04.840000 +CVE-2024-30370,0,1,0b843daff5c28582cf7b13f2850b1d8c607c4ae5b045b88facad224f99e19e5b,2024-04-03T12:38:04.840000 +CVE-2024-30371,0,1,b1d655f20dce1a124d87b962baf334d2a249a3ceff7f094651f12c5849e1f6ee,2024-04-03T12:38:04.840000 CVE-2024-3039,0,0,78eee57f82e030cc18475a85cdac1c12567dfe02603d629b2fbdbce1920e64dd,2024-03-28T16:07:30.893000 CVE-2024-3040,0,0,6f474eb89904d3ef26a1f99830c4f7e6fe42c974c3600ac0c482bf259f0da50d,2024-03-28T16:07:30.893000 CVE-2024-3041,0,0,3dadac99e88a79c62df6899f0fad147e3340516f2236f4e3cf8c259f2e06d9f0,2024-03-28T16:07:30.893000 @@ -243639,6 +243654,11 @@ CVE-2024-30557,0,0,d7ce80b7f514a588122360a1f5c7eb0e9d404422a86a2baf0f50cda830cd3 CVE-2024-30558,0,0,316bd1105795de2fd275943651925f37b5b583b6c7f2661f419ea96f6a9cb3e3,2024-04-01T01:12:59.077000 CVE-2024-30559,0,0,f8ff76c4b16936e5dab4a8e27b62011f38d8de1b5fa8e1b44dbcce666b46665a,2024-04-01T01:12:59.077000 CVE-2024-30561,0,0,60da1cbf317b304915e9076fb22281ec294c91ddc5ed997ca9114e07c21539f0,2024-04-01T01:12:59.077000 +CVE-2024-30568,1,1,c1880c20bb23ec4792d88fbb2a6c8dcc3119a807f46104b657991a2ac713fc33,2024-04-03T13:16:02.443000 +CVE-2024-30569,1,1,23164113b89c0382baa728aaea671f86b34c3d702de9b152235d7ce1dbffe85d,2024-04-03T13:16:02.503000 +CVE-2024-30570,1,1,18b05d8e8572d736cfe250154a2c9d24c0e4ccd3ffc3e110a960d854c0786e6b,2024-04-03T13:16:02.563000 +CVE-2024-30571,1,1,0378dccc43b51f3d231cf4fa0071dd28bc804611f22a89a9e90c27451fa45f5a,2024-04-03T13:16:02.620000 +CVE-2024-30572,1,1,aada8a4ab69718fa1b192e1c189265c054bddcf0b09d64bc75803efbc6a4a095,2024-04-03T13:16:02.680000 CVE-2024-30583,0,0,90e06b2d765278ac0f3bc4028344fdf483d30ea530d1cc273b94886fa84d52bd,2024-03-28T16:07:30.893000 CVE-2024-30584,0,0,35ddda2305ed50d97f06df7df7b733486405aa80385b935162c6180d1fe62320,2024-03-28T16:07:30.893000 CVE-2024-30585,0,0,7e78a86bcf687f746816842e948af254246fdc173fd94674915f1ec2e6a3c749,2024-03-28T16:07:30.893000 @@ -243719,17 +243739,17 @@ CVE-2024-3091,0,0,e5161a5a2d0196ce39626dff7591f836486bee878683ee478a2b6a285b1e55 CVE-2024-3094,0,0,502febf68b0d02803300ecc80fd5edf81a987966a53e4a71d6dd7ef4cc670f65,2024-04-03T06:15:07.873000 CVE-2024-30946,0,0,70258085ea0feb3f4aefa024075f57fc53acff2011361e3af9e62e409d001b0a,2024-04-02T18:12:16.283000 CVE-2024-30965,0,0,1400e6b50a8e4ef1623822c9ced221ce754149f4a9e5d2ebec8abe5a21a0d53f,2024-04-02T18:12:16.283000 -CVE-2024-30998,0,0,f54d32ffb3bfe66e5c1981c6b718daabbfd1e7815e4c970a54cc7706504d54c4,2024-04-03T06:15:07.650000 +CVE-2024-30998,0,1,179abd0db8095df44a7d1fc224d4f504797395ef6ca242b590dce2e234dbd0de,2024-04-03T12:38:04.840000 CVE-2024-31002,0,0,96e076f675a43d72347dc0c980a987d7f8bd37cac2f635917b77c618d7fb5159,2024-04-02T12:50:42.233000 CVE-2024-31003,0,0,3f0adfc7393f75768ba5f0ff119d336a00244f196f86b1dcc7f91a86901fc5be,2024-04-02T12:50:42.233000 CVE-2024-31004,0,0,f755b2d1295cbba2fb235b141572098c75292e03492bd90218100dd91b46b2be,2024-04-02T12:50:42.233000 CVE-2024-31005,0,0,782f5eeda1d450c46424dc60bc6e4a7de1c6ae363a2e211c85f204b9263b919b,2024-04-02T12:50:42.233000 -CVE-2024-31008,0,0,07e44b71d4ffddd93c5d726ac4a0d7a3bae5bf83530da345165ee5955d39f2c3,2024-04-03T06:15:07.750000 -CVE-2024-31009,0,0,1fcbeefbb58cb0e2df62839ef8d721cffc934595f6b376eb015a35b39711ac9f,2024-04-03T04:15:12.403000 -CVE-2024-31010,0,0,bdf91d26828038fe293fe276a9c0858c8ffc68a5351c70c052c8ab65cb693794,2024-04-03T04:15:12.653000 -CVE-2024-31011,0,0,ce361661f49f7fb98df437d591fbeb21b88074b8efbdf7aece51fd77f6dd7825,2024-04-03T05:15:48.010000 -CVE-2024-31012,0,0,c3625a3ae8d156edcebb532ffeb0dba8f41575e2d633b4c619a4e8eb5199c730,2024-04-03T04:15:12.797000 -CVE-2024-31013,0,0,4406acb5b0aeba31898d52c94599d09b9d6f2d9da61aa2b038acb5920b53e983,2024-04-03T04:15:12.907000 +CVE-2024-31008,0,1,fb58f95d5ac3e573901428dcb6b3f88285442daec81b849ad7032a6828042476,2024-04-03T12:38:04.840000 +CVE-2024-31009,0,1,4ba716bb3226f0c34bd04f51a3a22402f08a7c166518bbe25119daff68e02eff,2024-04-03T12:38:04.840000 +CVE-2024-31010,0,1,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e965,2024-04-03T12:38:04.840000 +CVE-2024-31011,0,1,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000 +CVE-2024-31012,0,1,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000 +CVE-2024-31013,0,1,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000 CVE-2024-31032,0,0,c23457a1b61188b806e7f7013717ab2174a595288e28b36b486645ce08e16035,2024-04-01T01:12:59.077000 CVE-2024-31033,0,0,897cdecff344b121550f3f8e1b3cb821fdde5689eabf8f2834a81266f3e9da87,2024-04-03T03:15:10.670000 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000 @@ -243787,10 +243807,12 @@ CVE-2024-3131,0,0,2b79afbaf014f4ade09eea20b1cd97cb73297f40c06110081e5ce6e7cfad71 CVE-2024-3135,0,0,91954ab6e8bf3cb2f93a640035369c46334c6e185515d1b835de2161b0fd8f69,2024-04-02T12:50:42.233000 CVE-2024-3137,0,0,85619be4f983f97db1d6302bec8264dd546f884b93dfcad5f6be85034ffe5dcb,2024-04-02T12:50:42.233000 CVE-2024-3138,0,0,b2250a42d544b358de2555f1c668a77223939f10414766861d02ac21eac35bc6,2024-04-02T12:50:42.233000 +CVE-2024-31380,1,1,1a4e1f7b831e38df9b9543e60ce27d39c5119a0884381124bc60265b99a20aa8,2024-04-03T12:38:04.840000 CVE-2024-3139,0,0,ea53ec9a6dc1c2a719d7c48bab67da65c2ac8a1d444e99171b341666ca5377cf,2024-04-02T12:50:42.233000 +CVE-2024-31390,1,1,b4e9fc961de919e72175f3311bf8b0d63373bf3d5ee822252b4b654a4846db50,2024-04-03T12:38:04.840000 CVE-2024-3140,0,0,4a4571ebf0c853d6a035886d12ee1aa0de7c52d00b7e897dcd0cf868acaf4ead,2024-04-02T12:50:42.233000 -CVE-2024-3141,0,1,ce62be676a9f576284382f942b9c0316c626e7082a6cbe792c5dce19baf816e8,2024-04-03T11:15:45.800000 -CVE-2024-3142,0,1,59bb44b33a795c38abca6f63ff6fcf122a126c2c3f877441166eb833a7bd6786,2024-04-03T11:15:45.993000 +CVE-2024-3141,0,0,ce62be676a9f576284382f942b9c0316c626e7082a6cbe792c5dce19baf816e8,2024-04-03T11:15:45.800000 +CVE-2024-3142,0,0,59bb44b33a795c38abca6f63ff6fcf122a126c2c3f877441166eb833a7bd6786,2024-04-03T11:15:45.993000 CVE-2024-3143,0,0,adef6ddf8aed4b85f5b9ec5c41837e0ea05c8056f77fa6600789550fcc865a57,2024-04-02T12:50:42.233000 CVE-2024-3144,0,0,0d76c2330ba298defd0f1b4b8583f5577295a22c7482e9267c8cbbe09aa0eb3a,2024-04-02T12:50:42.233000 CVE-2024-3145,0,0,910eeb7fc8d864d7945418c0e4535b894388c19da07aa9b0f359cad540d76837,2024-04-02T12:50:42.233000 @@ -243799,25 +243821,30 @@ CVE-2024-3147,0,0,02625b405a9656dc1928c253c58a24946e5b9cb50ef47acb30b3a3a470e8ef CVE-2024-3148,0,0,da83dea91bd5fed523ca15df13db4100d62650319dcc492fed6d52171a819a8a,2024-04-02T12:50:42.233000 CVE-2024-3151,0,0,fd318ccd62bb1591c5adc8aa64b64902777e5494f39fd013fd04f3b34dca25d6,2024-04-02T18:12:16.283000 CVE-2024-3160,0,0,f3860e2f9070e5e070adb0fe8ff153c3f84611a0ac253de8db1847a3b6990614,2024-04-02T12:50:42.233000 -CVE-2024-3162,0,0,e8e824cea17a52ca44761b6ad8abb76b054246f20df87061d12f7926cd11119f,2024-04-03T03:15:10.907000 +CVE-2024-3162,0,1,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000 CVE-2024-3164,0,0,3f14d5740dc99012cea5d98ccad2d9781e84892caf086f43791d3f9483c41c33,2024-04-02T12:50:42.233000 CVE-2024-3165,0,0,de9c55d425cf1712b174cf5953c3fab2e18950a6202399f31519128938dc300f,2024-04-02T12:50:42.233000 -CVE-2024-3202,0,0,354af652d9a5f2cd54cde25384dcb729bd65422a7e8b53c4cbf2d9d34ceecc0e,2024-04-02T22:15:09.643000 -CVE-2024-3203,0,0,43e38049f354423bd4be0d0a532fc72fa7383318e4fa5d60a1d163397d283d84,2024-04-02T22:15:10.320000 -CVE-2024-3204,0,0,5ad6d34a480d00006a63de0122cac9a61b0db76f21e7faed505b0e1dcd8df92b,2024-04-02T22:15:11.040000 -CVE-2024-3205,0,0,a11e8ecb14565435103a9f170316f50733dbfc1e0b554ddfaa0472de2b7df9b4,2024-04-02T23:15:54.627000 -CVE-2024-3207,0,0,a1a6c6670933638113caa230ba9e94d1b4149039c5bf481cff95e4f7c2db426d,2024-04-02T23:15:54.853000 -CVE-2024-3209,0,0,a09d13afee235d8a242d98d152f7462c9c1268a0e7f7b20a694e640f37299bf0,2024-04-02T23:15:55.083000 -CVE-2024-3218,0,0,58b3082566da9addbc11910fa9fa206ac4aa9b120578d7f8c505038f41104932,2024-04-03T00:15:08.717000 -CVE-2024-3221,0,0,f0bef237447dcd828b3225d0dfe0c6e11285a81895472e874ff0b8b359c9adaf,2024-04-03T00:15:08.980000 -CVE-2024-3222,0,0,d03929212fec49fd3f97dd62424f2b23f109103524c7c1f7d4663213dfb3dfaf,2024-04-03T00:15:09.237000 -CVE-2024-3223,0,0,3f6df64d9cff289ecd35514f7db353c5b5e9764a58235760f348ebb3bb9fcbad,2024-04-03T01:16:05.023000 -CVE-2024-3224,0,0,a22c813862c9581d97a20438bec18e2d95c3fb06d945e984b0f84c04660b5145,2024-04-03T02:15:08.097000 -CVE-2024-3225,0,0,1c40c3f8ea3027cb3c85ed843a0a031b3bf4e5215d2e80cf6c2be758fa550d8f,2024-04-03T02:15:08.347000 -CVE-2024-3226,0,0,ed31b9b4afa0d0a26b1a15801856e3cd6868ffc17ab27199a098ca5a95f353e1,2024-04-03T02:15:08.647000 -CVE-2024-3227,0,0,8118683aabccfc501e69348fdcd84b82f87b0c037ee34b6cc389a3d0eb8a1d64,2024-04-03T03:15:11.457000 -CVE-2024-3247,0,0,65f01dc924738bd132270fee9b86fadf825469a4f008f082698391fa91f903f7,2024-04-02T23:15:55.300000 -CVE-2024-3248,0,0,8d3b74d4fdf4fb4fd2b5695d28eed214279348ee6479c8323dad74faf223fb48,2024-04-02T23:15:55.493000 -CVE-2024-3251,1,1,7730fcc64b9b196223061077f5846dac928c83d9b9b412bee2565eb800e3e913,2024-04-03T10:15:09.257000 -CVE-2024-3252,1,1,d762395438a7826d79cb81dc10e475f651566a8ae827fdd661e7f88aae42ea50,2024-04-03T10:15:09.687000 -CVE-2024-3253,1,1,364170b55ecaa1eb35b6ce9129ad47605e417469ba8a13c19e6ba01274a69943,2024-04-03T11:15:46.097000 +CVE-2024-3202,0,1,c740eb561a7c1440cb5a8dd5eb2f94f0cce226529c05056c2f841e5a9fe9ca73,2024-04-03T12:38:04.840000 +CVE-2024-3203,0,1,697bde31fba6d3c5a0e2d11da403a2e3b16828faac086b66cd78b0527d17b9c5,2024-04-03T12:38:04.840000 +CVE-2024-3204,0,1,a9dea1ca01b499632a34af3ee57c461ecd8a21787537da790c2ae8f833a61142,2024-04-03T12:38:04.840000 +CVE-2024-3205,0,1,b2f3ceb1bf38a09a954460b526a18eba5a5a22a0c7181b9f1de158755c6153d4,2024-04-03T12:38:04.840000 +CVE-2024-3207,0,1,5c9ae7819818cf69391317769652edafe7eb5058db1623e7c6299d6d13471791,2024-04-03T12:38:04.840000 +CVE-2024-3209,0,1,30868cdb47dd928f589dfe2abcfe897db3e1f5f5372f4956ca12525c6828bcc3,2024-04-03T12:38:04.840000 +CVE-2024-3218,0,1,2efa792f2f422ae3d499fd8bd729cdb1e057c75ae9cfbaccf7a66bc466210399,2024-04-03T12:38:04.840000 +CVE-2024-3221,0,1,265e838721fb682684198a7086d104f84e57519a8c4d6ef772db38592eb6bf44,2024-04-03T12:38:04.840000 +CVE-2024-3222,0,1,b37821a3e0768163f96b2bee06bee09f327b52e150bd3dc09c830a3634a1e6b2,2024-04-03T12:38:04.840000 +CVE-2024-3223,0,1,4fec83d637121ccff0125099b853e71324363eb3441ea87ee58103aa1679d119,2024-04-03T12:38:04.840000 +CVE-2024-3224,0,1,df4c497061254d88e30845f005326a0e8dcc0160759089f479b7881ad8ceacd1,2024-04-03T12:38:04.840000 +CVE-2024-3225,0,1,c811644d786446dc903ce63beb97b40688ffdfe279f9ae136fe25e53360310ab,2024-04-03T12:38:04.840000 +CVE-2024-3226,0,1,0d9ebebedadf244922f8385228c3d640f57a5f4e2e40a7b8124aa06fa756c486,2024-04-03T12:38:04.840000 +CVE-2024-3227,0,1,5e86de506c0356caace938eb3ddc76daf74ee07964bebbed2f3824e6fdb4ef31,2024-04-03T12:38:04.840000 +CVE-2024-3247,0,1,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 +CVE-2024-3248,0,1,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 +CVE-2024-3251,0,1,612fa2cbd1b7aa381067b911d8824859d86a26753bd39d3ebfa059bfd1d20eac,2024-04-03T12:38:04.840000 +CVE-2024-3252,0,1,aa2e5a3beeb53d70ad7f51b4bbc1915ec41533b4a644198bc020755253bede7e,2024-04-03T12:38:04.840000 +CVE-2024-3253,0,1,0972236c1835b9f5b2c1ab54b3987e593351bdd4ff986c80c53132587f0059fc,2024-04-03T12:38:04.840000 +CVE-2024-3254,1,1,854c687aaabf8bf91229d5dee06e1f8110fe8d98d15afe9f4ad67450b6cecf41,2024-04-03T12:38:04.840000 +CVE-2024-3255,1,1,bd5bd4cdd01653b8a07d932f79727f171443054afc527b2297174d92120314df,2024-04-03T12:38:04.840000 +CVE-2024-3256,1,1,2a40af9f430269463bc81be879d77884382b7d476ba20e48ec3fbc010a876fba,2024-04-03T13:16:02.740000 +CVE-2024-3257,1,1,52095fc15c9a0c77a941584a416d4e18c77a59b100cdd84ed585707c3b7496ee,2024-04-03T13:16:03.020000 +CVE-2024-3258,1,1,791178381568249aa1eba11446e049d3d25a22c9cf90906d16a3a21a2f9a6fa4,2024-04-03T13:16:03.310000